├── .gitignore ├── README.md └── policies ├── APIGatewayServiceRolePolicy ├── AWSAccountActivityAccess ├── AWSAccountManagementFullAccess ├── AWSAccountManagementReadOnlyAccess ├── AWSAccountUsageReportAccess ├── AWSAgentlessDiscoveryService ├── AWSAppMeshEnvoyAccess ├── AWSAppMeshFullAccess ├── AWSAppMeshPreviewEnvoyAccess ├── AWSAppMeshPreviewServiceRolePolicy ├── AWSAppMeshReadOnly ├── AWSAppMeshServiceRolePolicy ├── AWSAppRunnerFullAccess ├── AWSAppRunnerReadOnlyAccess ├── AWSAppRunnerServicePolicyForECRAccess ├── AWSAppSyncAdministrator ├── AWSAppSyncInvokeFullAccess ├── AWSAppSyncPushToCloudWatchLogs ├── AWSAppSyncSchemaAuthor ├── AWSAppSyncServiceRolePolicy ├── AWSApplicationAutoScalingCustomResourcePolicy ├── AWSApplicationAutoscalingAppStreamFleetPolicy ├── AWSApplicationAutoscalingCassandraTablePolicy ├── AWSApplicationAutoscalingComprehendEndpointPolicy ├── AWSApplicationAutoscalingDynamoDBTablePolicy ├── AWSApplicationAutoscalingEC2SpotFleetRequestPolicy ├── AWSApplicationAutoscalingECSServicePolicy ├── AWSApplicationAutoscalingEMRInstanceGroupPolicy ├── AWSApplicationAutoscalingElastiCacheRGPolicy ├── AWSApplicationAutoscalingKafkaClusterPolicy ├── AWSApplicationAutoscalingLambdaConcurrencyPolicy ├── AWSApplicationAutoscalingNeptuneClusterPolicy ├── AWSApplicationAutoscalingRDSClusterPolicy ├── AWSApplicationAutoscalingSageMakerEndpointPolicy ├── AWSApplicationDiscoveryAgentAccess ├── AWSApplicationDiscoveryServiceFullAccess ├── AWSApplicationMigrationAgentPolicy ├── AWSApplicationMigrationConversionServerPolicy ├── AWSApplicationMigrationEC2Access ├── AWSApplicationMigrationFullAccess ├── AWSApplicationMigrationMGHAccess ├── AWSApplicationMigrationReadOnlyAccess ├── AWSApplicationMigrationReplicationServerPolicy ├── AWSApplicationMigrationServiceRolePolicy ├── AWSApplicationMigrationVCenterClientPolicy ├── AWSArtifactAccountSync ├── AWSAuditManagerAdministratorAccess ├── AWSAuditManagerServiceRolePolicy ├── AWSAutoScalingPlansEC2AutoScalingPolicy ├── AWSB9InternalServicePolicy ├── AWSBackupAdminPolicy ├── AWSBackupAuditAccess ├── AWSBackupFullAccess ├── AWSBackupOperatorAccess ├── AWSBackupOperatorPolicy ├── AWSBackupOrganizationAdminAccess ├── AWSBackupServiceLinkedRolePolicyForBackup ├── AWSBackupServiceLinkedRolePolicyForBackupTest ├── AWSBackupServiceRolePolicyForBackup ├── AWSBackupServiceRolePolicyForRestores ├── AWSBackupServiceRolePolicyForS3Backup ├── AWSBackupServiceRolePolicyForS3Restore ├── AWSBatchFullAccess ├── AWSBatchServiceEventTargetRole ├── AWSBatchServiceRole ├── AWSBillingReadOnlyAccess ├── AWSBudgetsActionsRolePolicyForResourceAdministrationWithSSM ├── AWSBudgetsActionsWithAWSResourceControlAccess ├── AWSBudgetsReadOnlyAccess ├── AWSBugBustFullAccess ├── AWSBugBustPlayerAccess ├── AWSBugBustServiceRolePolicy ├── AWSCertificateManagerFullAccess ├── AWSCertificateManagerPrivateCAAuditor ├── AWSCertificateManagerPrivateCAFullAccess ├── AWSCertificateManagerPrivateCAPrivilegedUser ├── AWSCertificateManagerPrivateCAReadOnly ├── AWSCertificateManagerPrivateCAUser ├── AWSCertificateManagerReadOnly ├── AWSChatbotServiceLinkedRolePolicy ├── AWSCloud9Administrator ├── AWSCloud9EnvironmentMember ├── AWSCloud9SSMInstanceProfile ├── AWSCloud9ServiceRolePolicy ├── AWSCloud9User ├── AWSCloudFormationFullAccess ├── AWSCloudFormationReadOnlyAccess ├── AWSCloudFrontLogger ├── AWSCloudHSMFullAccess ├── AWSCloudHSMReadOnlyAccess ├── AWSCloudHSMRole ├── AWSCloudMapDiscoverInstanceAccess ├── AWSCloudMapFullAccess ├── AWSCloudMapReadOnlyAccess ├── AWSCloudMapRegisterInstanceAccess ├── AWSCloudShellFullAccess ├── AWSCloudTrailFullAccess ├── AWSCloudTrailReadOnlyAccess ├── AWSCloudTrail_FullAccess ├── AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy ├── AWSCodeArtifactAdminAccess ├── AWSCodeArtifactReadOnlyAccess ├── AWSCodeArtifactReadOnlyAccess.json ├── AWSCodeBuildAdminAccess ├── AWSCodeBuildDeveloperAccess ├── AWSCodeBuildReadOnlyAccess ├── AWSCodeCommitFullAccess ├── AWSCodeCommitPowerUser ├── AWSCodeCommitReadOnly ├── AWSCodeDeployDeployerAccess ├── AWSCodeDeployFullAccess ├── AWSCodeDeployReadOnlyAccess ├── AWSCodeDeployRole ├── AWSCodeDeployRoleForCloudFormation ├── AWSCodeDeployRoleForECS ├── AWSCodeDeployRoleForECSLimited ├── AWSCodeDeployRoleForLambda ├── AWSCodeDeployRoleForLambdaLimited ├── AWSCodePipelineApproverAccess ├── AWSCodePipelineCustomActionAccess ├── AWSCodePipelineFullAccess ├── AWSCodePipelineReadOnlyAccess ├── AWSCodePipeline_FullAccess ├── AWSCodePipeline_ReadOnlyAccess ├── AWSCodeStarFullAccess ├── AWSCodeStarNotificationsServiceRolePolicy ├── AWSCodeStarServiceRole ├── AWSCompromisedKeyQuarantine ├── AWSCompromisedKeyQuarantineV2 ├── AWSConfigMultiAccountSetupPolicy ├── AWSConfigRemediationServiceRolePolicy ├── AWSConfigRole ├── AWSConfigRoleForOrganizations ├── AWSConfigRulesExecutionRole ├── AWSConfigServiceRolePolicy ├── AWSConfigUserAccess ├── AWSConnector ├── AWSControlTowerServiceRolePolicy ├── AWSCostAndUsageReportAutomationPolicy ├── AWSDataExchangeFullAccess ├── AWSDataExchangeProviderFullAccess ├── AWSDataExchangeReadOnly ├── AWSDataExchangeSubscriberFullAccess ├── AWSDataLifecycleManagerServiceRole ├── AWSDataLifecycleManagerServiceRoleForAMIManagement ├── AWSDataPipelineRole ├── AWSDataPipeline_FullAccess ├── AWSDataPipeline_PowerUser ├── AWSDataSyncFullAccess ├── AWSDataSyncReadOnlyAccess ├── AWSDeepLensLambdaFunctionAccessPolicy ├── AWSDeepLensServiceRolePolicy ├── AWSDeepRacerAccountAdminAccess ├── AWSDeepRacerCloudFormationAccessPolicy ├── AWSDeepRacerDefaultMultiUserAccess ├── AWSDeepRacerFullAccess ├── AWSDeepRacerRoboMakerAccessPolicy ├── AWSDeepRacerServiceRolePolicy ├── AWSDenyAll ├── AWSDeviceFarmFullAccess ├── AWSDeviceFarmTestGridServiceRolePolicy ├── AWSDirectConnectFullAccess ├── AWSDirectConnectReadOnlyAccess ├── AWSDirectConnectServiceRolePolicy ├── AWSDirectoryServiceFullAccess ├── AWSDirectoryServiceReadOnlyAccess ├── AWSDiscoveryContinuousExportFirehosePolicy ├── AWSEC2CapacityReservationFleetRolePolicy ├── AWSEC2FleetServiceRolePolicy ├── AWSEC2SpotFleetServiceRolePolicy ├── AWSEC2SpotServiceRolePolicy ├── AWSECRPullThroughCacheServiceRolePolicy ├── AWSECRPullThroughCache_ServiceRolePolicy ├── AWSElasticBeanstalkCustomPlatformforEC2Role ├── AWSElasticBeanstalkEnhancedHealth ├── AWSElasticBeanstalkFullAccess ├── AWSElasticBeanstalkMaintenance ├── AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy ├── AWSElasticBeanstalkManagedUpdatesServiceRolePolicy ├── AWSElasticBeanstalkMulticontainerDocker ├── AWSElasticBeanstalkReadOnly ├── AWSElasticBeanstalkReadOnlyAccess ├── AWSElasticBeanstalkRoleCWL ├── AWSElasticBeanstalkRoleCore ├── AWSElasticBeanstalkRoleECS ├── AWSElasticBeanstalkRoleRDS ├── AWSElasticBeanstalkRoleSNS ├── AWSElasticBeanstalkRoleWorkerTier ├── AWSElasticBeanstalkService ├── AWSElasticBeanstalkServiceRolePolicy ├── AWSElasticBeanstalkWebTier ├── AWSElasticBeanstalkWorkerTier ├── AWSElasticDisasterRecoveryAgentInstallationPolicy ├── AWSElasticDisasterRecoveryAgentPolicy ├── AWSElasticDisasterRecoveryConsoleFullAccess ├── AWSElasticDisasterRecoveryConversionServerPolicy ├── AWSElasticDisasterRecoveryFailbackInstallationPolicy ├── AWSElasticDisasterRecoveryFailbackPolicy ├── AWSElasticDisasterRecoveryReadOnlyAccess ├── AWSElasticDisasterRecoveryRecoveryInstancePolicy ├── AWSElasticDisasterRecoveryReplicationServerPolicy ├── AWSElasticDisasterRecoveryServiceRolePolicy ├── AWSElasticLoadBalancingClassicServiceRolePolicy ├── AWSElasticLoadBalancingServiceRolePolicy ├── AWSElementalMediaConvertFullAccess ├── AWSElementalMediaConvertReadOnly ├── AWSElementalMediaLiveFullAccess ├── AWSElementalMediaLiveReadOnly ├── AWSElementalMediaPackageFullAccess ├── AWSElementalMediaPackageReadOnly ├── AWSElementalMediaStoreFullAccess ├── AWSElementalMediaStoreReadOnly ├── AWSElementalMediaTailorFullAccess ├── AWSElementalMediaTailorReadOnly ├── AWSEnhancedClassicNetworkingMangementPolicy ├── AWSFMAdminFullAccess ├── AWSFMAdminReadOnlyAccess ├── AWSFMMemberReadOnlyAccess ├── AWSForWordPressPluginPolicy ├── AWSGlobalAcceleratorSLRPolicy ├── AWSGlueConsoleFullAccess ├── AWSGlueConsoleSageMakerNotebookFullAccess ├── AWSGlueDataBrewServiceRole ├── AWSGlueSchemaRegistryFullAccess ├── AWSGlueSchemaRegistryReadonlyAccess ├── AWSGlueServiceNotebookRole ├── AWSGlueServiceRole ├── AWSGrafanaAccountAdministrator ├── AWSGrafanaConsoleReadOnlyAccess ├── AWSGrafanaWorkspacePermissionManagement ├── AWSGreengrassFullAccess ├── AWSGreengrassReadOnlyAccess ├── AWSGreengrassResourceAccessRolePolicy ├── AWSHealthFullAccess ├── AWSIPAMServiceRolePolicy ├── AWSIQContractServiceRolePolicy ├── AWSIQFullAccess ├── AWSIQPermissionServiceRolePolicy ├── AWSIdentitySyncFullAccess ├── AWSIdentitySyncReadOnlyAccess ├── AWSImageBuilderFullAccess ├── AWSImageBuilderReadOnlyAccess ├── AWSImportExportFullAccess ├── AWSImportExportReadOnlyAccess ├── AWSIncidentManagerResolverAccess ├── AWSIncidentManagerServiceRolePolicy ├── AWSIoT1ClickFullAccess ├── AWSIoT1ClickReadOnlyAccess ├── AWSIoTAnalyticsFullAccess ├── AWSIoTAnalyticsReadOnlyAccess ├── AWSIoTConfigAccess ├── AWSIoTConfigReadOnlyAccess ├── AWSIoTDataAccess ├── AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction ├── AWSIoTDeviceDefenderAudit ├── AWSIoTDeviceDefenderEnableIoTLoggingMitigationAction ├── AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction ├── AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction ├── AWSIoTDeviceDefenderUpdateCACertMitigationAction ├── AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction ├── AWSIoTDeviceTesterForFreeRTOSFullAccess ├── AWSIoTDeviceTesterForGreengrassFullAccess ├── AWSIoTEventsFullAccess ├── AWSIoTEventsReadOnlyAccess ├── AWSIoTFleetHubFederationAccess ├── AWSIoTFullAccess ├── AWSIoTLogging ├── AWSIoTOTAUpdate ├── AWSIoTRuleActions ├── AWSIoTSiteWiseConsoleFullAccess ├── AWSIoTSiteWiseFullAccess ├── AWSIoTSiteWiseMonitorPortalAccess ├── AWSIoTSiteWiseMonitorServiceRolePolicy ├── AWSIoTSiteWiseReadOnlyAccess ├── AWSIoTThingsRegistration ├── AWSIoTWirelessDataAccess ├── AWSIoTWirelessFullAccess ├── AWSIoTWirelessFullPublishAccess ├── AWSIoTWirelessGatewayCertManager ├── AWSIoTWirelessLogging ├── AWSIoTWirelessReadOnlyAccess ├── AWSIotRoboRunnerFullAccess ├── AWSIotRoboRunnerReadOnly ├── AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy ├── AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy ├── AWSKeyManagementServicePowerUser ├── AWSLakeFormationCrossAccountManager ├── AWSLakeFormationDataAdmin ├── AWSLambdaBasicExecutionRole ├── AWSLambdaDynamoDBExecutionRole ├── AWSLambdaENIManagementAccess ├── AWSLambdaExecute ├── AWSLambdaFullAccess ├── AWSLambdaInvocation-DynamoDB ├── AWSLambdaKinesisExecutionRole ├── AWSLambdaMSKExecutionRole ├── AWSLambdaReadOnlyAccess ├── AWSLambdaReplicator ├── AWSLambdaReplicatorInternal ├── AWSLambdaRole ├── AWSLambdaSQSQueueExecutionRole ├── AWSLambdaVPCAccessExecutionRole ├── AWSLambda_FullAccess ├── AWSLambda_ReadOnlyAccess ├── AWSLicenseManagerConsumptionPolicy ├── AWSLicenseManagerMasterAccountRolePolicy ├── AWSLicenseManagerMemberAccountRolePolicy ├── AWSLicenseManagerServiceRolePolicy ├── AWSMarketplaceAmiIngestion ├── AWSMarketplaceFullAccess ├── AWSMarketplaceGetEntitlements ├── AWSMarketplaceImageBuildFullAccess ├── AWSMarketplaceLicenseManagementServiceRolePolicy ├── AWSMarketplaceManageSubscriptions ├── AWSMarketplaceMeteringFullAccess ├── AWSMarketplaceMeteringRegisterUsage ├── AWSMarketplaceProcurementSystemAdminFullAccess ├── AWSMarketplacePurchaseOrdersServiceRolePolicy ├── AWSMarketplaceRead-only ├── AWSMarketplaceSellerFullAccess ├── AWSMarketplaceSellerProductsFullAccess ├── AWSMarketplaceSellerProductsReadOnly ├── AWSMediaTailorServiceRolePolicy ├── AWSMigrationHubDMSAccess ├── AWSMigrationHubDiscoveryAccess ├── AWSMigrationHubFullAccess ├── AWSMigrationHubRefactorSpacesFullAccess ├── AWSMigrationHubRefactorSpacesServiceRolePolicy ├── AWSMigrationHubSMSAccess ├── AWSMigrationHubStrategyCollector ├── AWSMigrationHubStrategyConsoleFullAccess ├── AWSMigrationHubStrategyServiceRolePolicy ├── AWSMobileHub_FullAccess ├── AWSMobileHub_ReadOnly ├── AWSNetworkFirewallServiceRolePolicy ├── AWSNetworkManagerFullAccess ├── AWSNetworkManagerReadOnlyAccess ├── AWSNetworkManagerServiceRolePolicy ├── AWSOpsWorksCMInstanceProfileRole ├── AWSOpsWorksCMServiceRole ├── AWSOpsWorksCloudWatchLogs ├── AWSOpsWorksFullAccess ├── AWSOpsWorksInstanceRegistration ├── AWSOpsWorksRegisterCLI ├── AWSOpsWorksRegisterCLI_EC2 ├── AWSOpsWorksRegisterCLI_OnPremises ├── AWSOpsWorksRole ├── AWSOpsWorks_FullAccess ├── AWSOrganizationsFullAccess ├── AWSOrganizationsReadOnlyAccess ├── AWSOrganizationsServiceTrustPolicy ├── AWSOutpostsServiceRolePolicy ├── AWSPanoramaApplianceRolePolicy ├── AWSPanoramaApplianceServiceRolePolicy ├── AWSPanoramaFullAccess ├── AWSPanoramaGreengrassGroupRolePolicy ├── AWSPanoramaSageMakerRolePolicy ├── AWSPanoramaServiceLinkedRolePolicy ├── AWSPanoramaServiceRolePolicy ├── AWSPriceListServiceFullAccess ├── AWSPrivateMarketplaceAdminFullAccess ├── AWSPrivateMarketplaceRequests ├── AWSPrivateNetworksServiceRolePolicy ├── AWSProtonDeveloperAccess ├── AWSProtonFullAccess ├── AWSProtonReadOnlyAccess ├── AWSProtonSyncServiceRolePolicy ├── AWSPurchaseOrdersServiceRolePolicy ├── AWSQuickSightDescribeRDS ├── AWSQuickSightDescribeRedshift ├── AWSQuickSightElasticsearchPolicy ├── AWSQuickSightIoTAnalyticsAccess ├── AWSQuickSightListIAM ├── AWSQuickSightSageMakerPolicy ├── AWSQuickSightTimestreamPolicy ├── AWSQuicksightAthenaAccess ├── AWSQuicksightOpenSearchPolicy ├── AWSResourceAccessManagerFullAccess ├── AWSResourceAccessManagerReadOnlyAccess ├── AWSResourceAccessManagerResourceShareParticipantAccess ├── AWSResourceAccessManagerServiceRolePolicy ├── AWSResourceGroupsReadOnlyAccess ├── AWSRoboMakerFullAccess ├── AWSRoboMakerReadOnlyAccess ├── AWSRoboMakerServicePolicy ├── AWSRoboMakerServiceRolePolicy ├── AWSRoboMaker_FullAccess ├── AWSSSMOpsInsightsServiceRolePolicy ├── AWSSSODirectoryAdministrator ├── AWSSSODirectoryReadOnly ├── AWSSSOMasterAccountAdministrator ├── AWSSSOMemberAccountAdministrator ├── AWSSSOReadOnly ├── AWSSSOServiceRolePolicy ├── AWSSavingsPlansFullAccess ├── AWSSavingsPlansReadOnlyAccess ├── AWSSchemasServiceRolePolicy ├── AWSSecurityHubFullAccess ├── AWSSecurityHubOrganizationsAccess ├── AWSSecurityHubReadOnlyAccess ├── AWSSecurityHubServiceRolePolicy ├── AWSServiceCatalogAdminFullAccess ├── AWSServiceCatalogAdminReadOnlyAccess ├── AWSServiceCatalogAppRegistryFullAccess ├── AWSServiceCatalogAppRegistryReadOnlyAccess ├── AWSServiceCatalogAppRegistryServiceRolePolicy ├── AWSServiceCatalogEndUserFullAccess ├── AWSServiceCatalogEndUserReadOnlyAccess ├── AWSServiceRoleForAmazonEKSNodegroup ├── AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy ├── AWSServiceRoleForCodeGuru-Profiler ├── AWSServiceRoleForCodeGuruProfiler ├── AWSServiceRoleForEC2ScheduledInstances ├── AWSServiceRoleForGammaInternalAmazonEKSNodegroup ├── AWSServiceRoleForImageBuilder ├── AWSServiceRoleForIoTSiteWise ├── AWSServiceRoleForLogDeliveryPolicy ├── AWSServiceRoleForMonitronPolicy ├── AWSServiceRoleForSMS ├── AWSServiceRoleForThorInternalDevPolicy ├── AWSServiceRolePolicyForBackupReports ├── AWSShieldDRTAccessPolicy ├── AWSShieldServiceRolePolicy ├── AWSStepFunctionsConsoleFullAccess ├── AWSStepFunctionsFullAccess ├── AWSStepFunctionsReadOnlyAccess ├── AWSStorageGatewayFullAccess ├── AWSStorageGatewayReadOnlyAccess ├── AWSStorageGatewayServiceRolePolicy ├── AWSSupportAccess ├── AWSSupportServiceRolePolicy ├── AWSSystemsManagerAccountDiscoveryServicePolicy ├── AWSSystemsManagerChangeManagementServicePolicy ├── AWSSystemsManagerOpsDataSyncServiceRolePolicy ├── AWSThinkboxAWSPortalAdminPolicy ├── AWSThinkboxAWSPortalGatewayPolicy ├── AWSThinkboxAWSPortalWorkerPolicy ├── AWSThinkboxAssetServerPolicy ├── AWSThinkboxDeadlineResourceTrackerAccessPolicy ├── AWSThinkboxDeadlineResourceTrackerAdminPolicy ├── AWSThinkboxDeadlineSpotEventPluginAdminPolicy ├── AWSThinkboxDeadlineSpotEventPluginWorkerPolicy ├── AWSTransferConsoleFullAccess ├── AWSTransferFullAccess ├── AWSTransferLoggingAccess ├── AWSTransferReadOnlyAccess ├── AWSTrustedAdvisorReportingServiceRolePolicy ├── AWSTrustedAdvisorServiceRolePolicy ├── AWSVPCS2SVpnServiceRolePolicy ├── AWSVPCTransitGatewayServiceRolePolicy ├── AWSWAFConsoleFullAccess ├── AWSWAFConsoleReadOnlyAccess ├── AWSWAFFullAccess ├── AWSWAFReadOnlyAccess ├── AWSXRayDaemonWriteAccess ├── AWSXrayFullAccess ├── AWSXrayReadOnlyAccess ├── AWSXrayWriteOnlyAccess ├── AWS_ConfigRole ├── AWS_Config_Role ├── AccessAnalyzerServiceRolePolicy ├── AdministratorAccess ├── AdministratorAccess-AWSElasticBeanstalk ├── AdministratorAccess-Amplify ├── AlexaForBusinessDeviceSetup ├── AlexaForBusinessFullAccess ├── AlexaForBusinessGatewayExecution ├── AlexaForBusinessLifesizeDelegatedAccessPolicy ├── AlexaForBusinessNetworkProfileServicePolicy ├── AlexaForBusinessPolyDelegatedAccessPolicy ├── AlexaForBusinessReadOnlyAccess ├── AmazonAPIGatewayAdministrator ├── AmazonAPIGatewayInvokeFullAccess ├── AmazonAPIGatewayPushToCloudWatchLogs ├── AmazonAppFlowFullAccess ├── AmazonAppFlowReadOnlyAccess ├── AmazonAppStreamFullAccess ├── AmazonAppStreamReadOnlyAccess ├── AmazonAppStreamServiceAccess ├── AmazonApplicationWizardFullaccess ├── AmazonAthenaFullAccess ├── AmazonAugmentedAIFullAccess ├── AmazonAugmentedAIHumanLoopFullAccess ├── AmazonAugmentedAIIntegratedAPIAccess ├── AmazonBraketFullAccess ├── AmazonBraketJobsExecutionPolicy ├── AmazonBraketServiceRolePolicy ├── AmazonChimeFullAccess ├── AmazonChimeReadOnly ├── AmazonChimeSDK ├── AmazonChimeServiceRolePolicy ├── AmazonChimeTranscriptionServiceLinkedRolePolicy ├── AmazonChimeUserManagement ├── AmazonChimeVoiceConnectorServiceLinkedRolePolicy ├── AmazonCirrusGammaRoleForInstaller ├── AmazonCloudDirectoryFullAccess ├── AmazonCloudDirectoryReadOnlyAccess ├── AmazonCloudWatchEvidentlyFullAccess ├── AmazonCloudWatchEvidentlyReadOnlyAccess ├── AmazonCloudWatchRUMFullAccess ├── AmazonCloudWatchRUMReadOnlyAccess ├── AmazonCloudWatchRUMServiceRolePolicy ├── AmazonCodeGuruProfilerAgentAccess ├── AmazonCodeGuruProfilerFullAccess ├── AmazonCodeGuruProfilerReadOnlyAccess ├── AmazonCodeGuruReviewerFullAccess ├── AmazonCodeGuruReviewerReadOnlyAccess ├── AmazonCodeGuruReviewerServiceRolePolicy ├── AmazonCognitoDeveloperAuthenticatedIdentities ├── AmazonCognitoIdpEmailServiceRolePolicy ├── AmazonCognitoIdpServiceRolePolicy ├── AmazonCognitoPowerUser ├── AmazonCognitoReadOnly ├── AmazonConnectCampaignsServiceLinkedRolePolicy ├── AmazonConnectFullAccess ├── AmazonConnectReadOnlyAccess ├── AmazonConnectServiceLinkedRolePolicy ├── AmazonConnectVoiceIDFullAccess ├── AmazonConnect_FullAccess ├── AmazonDMSCloudWatchLogsRole ├── AmazonDMSRedshiftS3Role ├── AmazonDMSVPCManagementRole ├── AmazonDRSVPCManagement ├── AmazonDetectiveFullAccess ├── AmazonDetectiveServiceLinkedRolePolicy ├── AmazonDevOpsGuruConsoleFullAccess ├── AmazonDevOpsGuruFullAccess ├── AmazonDevOpsGuruOrganizationsAccess ├── AmazonDevOpsGuruReadOnlyAccess ├── AmazonDevOpsGuruServiceRolePolicy ├── AmazonDocDBConsoleFullAccess ├── AmazonDocDBFullAccess ├── AmazonDocDBReadOnlyAccess ├── AmazonDynamoDBFullAccess ├── AmazonDynamoDBFullAccesswithDataPipeline ├── AmazonDynamoDBReadOnlyAccess ├── AmazonEC2ContainerRegistryFullAccess ├── AmazonEC2ContainerRegistryPowerUser ├── AmazonEC2ContainerRegistryReadOnly ├── AmazonEC2ContainerServiceAutoscaleRole ├── AmazonEC2ContainerServiceEventsRole ├── AmazonEC2ContainerServiceFullAccess ├── AmazonEC2ContainerServiceRole ├── AmazonEC2ContainerServiceforEC2Role ├── AmazonEC2FullAccess ├── AmazonEC2ReadOnlyAccess ├── AmazonEC2ReportsAccess ├── AmazonEC2RolePolicyForApplicationWizard ├── AmazonEC2RolePolicyForLaunchWizard ├── AmazonEC2RoleforAWSCodeDeploy ├── AmazonEC2RoleforAWSCodeDeployLimited ├── AmazonEC2RoleforDataPipelineRole ├── AmazonEC2RoleforSSM ├── AmazonEC2SpotFleetAutoscaleRole ├── AmazonEC2SpotFleetRole ├── AmazonEC2SpotFleetTaggingRole ├── AmazonECSServiceRolePolicy ├── AmazonECSTaskExecutionRolePolicy ├── AmazonECS_FullAccess ├── AmazonEKSClusterPolicy ├── AmazonEKSConnectorServiceRolePolicy ├── AmazonEKSFargatePodExecutionRolePolicy ├── AmazonEKSForFargateServiceRolePolicy ├── AmazonEKSServicePolicy ├── AmazonEKSServiceRolePolicy ├── AmazonEKSVPCResourceController ├── AmazonEKSWorkerNodePolicy ├── AmazonEKS_CNI_Policy ├── AmazonEMRCleanupPolicy ├── AmazonEMRContainersServiceRolePolicy ├── AmazonEMRFullAccessPolicy_v2 ├── AmazonEMRReadOnlyAccessPolicy_v2 ├── AmazonEMRServicePolicy_v2 ├── AmazonESCognitoAccess ├── AmazonESFullAccess ├── AmazonESReadOnlyAccess ├── AmazonElastiCacheFullAccess ├── AmazonElastiCacheReadOnlyAccess ├── AmazonElasticContainerRegistryPublicFullAccess ├── AmazonElasticContainerRegistryPublicPowerUser ├── AmazonElasticContainerRegistryPublicReadOnly ├── AmazonElasticFileSystemClientFullAccess ├── AmazonElasticFileSystemClientReadOnlyAccess ├── AmazonElasticFileSystemClientReadWriteAccess ├── AmazonElasticFileSystemFullAccess ├── AmazonElasticFileSystemReadOnlyAccess ├── AmazonElasticFileSystemServiceRolePolicy ├── AmazonElasticFileSystemsUtils ├── AmazonElasticMapReduceEditorsRole ├── AmazonElasticMapReduceFullAccess ├── AmazonElasticMapReducePlacementGroupPolicy ├── AmazonElasticMapReduceReadOnlyAccess ├── AmazonElasticMapReduceRole ├── AmazonElasticMapReduceforAutoScalingRole ├── AmazonElasticMapReduceforEC2Role ├── AmazonElasticTranscoderRole ├── AmazonElasticTranscoder_FullAccess ├── AmazonElasticTranscoder_JobsSubmitter ├── AmazonElasticTranscoder_ReadOnlyAccess ├── AmazonElasticsearchServiceRolePolicy ├── AmazonEventBridgeApiDestinationsServiceRolePolicy ├── AmazonEventBridgeFullAccess ├── AmazonEventBridgeReadOnlyAccess ├── AmazonEventBridgeSchemasFullAccess ├── AmazonEventBridgeSchemasReadOnlyAccess ├── AmazonEventBridgeSchemasServiceRolePolicy ├── AmazonEverestServicePolicy ├── AmazonFISServiceRolePolicy ├── AmazonFSxConsoleFullAccess ├── AmazonFSxConsoleReadOnlyAccess ├── AmazonFSxFullAccess ├── AmazonFSxReadOnlyAccess ├── AmazonFSxServiceRolePolicy ├── AmazonForecastFullAccess ├── AmazonFraudDetectorFullAccessPolicy ├── AmazonFreeRTOSFullAccess ├── AmazonFreeRTOSOTAUpdate ├── AmazonGlacierFullAccess ├── AmazonGlacierReadOnlyAccess ├── AmazonGrafanaAthenaAccess ├── AmazonGrafanaRedshiftAccess ├── AmazonGuardDutyFullAccess ├── AmazonGuardDutyReadOnlyAccess ├── AmazonGuardDutyServiceRolePolicy ├── AmazonHealthLakeFullAccess ├── AmazonHealthLakeReadOnlyAccess ├── AmazonHoneycodeFullAccess ├── AmazonHoneycodeReadOnlyAccess ├── AmazonHoneycodeServiceRolePolicy ├── AmazonHoneycodeTeamAssociationFullAccess ├── AmazonHoneycodeTeamAssociationReadOnlyAccess ├── AmazonHoneycodeWorkbookFullAccess ├── AmazonHoneycodeWorkbookReadOnlyAccess ├── AmazonInspector2FullAccess ├── AmazonInspector2ReadOnlyAccess ├── AmazonInspector2ServiceRolePolicy ├── AmazonInspectorFullAccess ├── AmazonInspectorReadOnlyAccess ├── AmazonInspectorServiceRolePolicy ├── AmazonKendraFullAccess ├── AmazonKendraReadOnlyAccess ├── AmazonKeyspacesFullAccess ├── AmazonKeyspacesReadOnlyAccess ├── AmazonKinesisAnalyticsFullAccess ├── AmazonKinesisAnalyticsReadOnly ├── AmazonKinesisFirehoseFullAccess ├── AmazonKinesisFirehoseReadOnlyAccess ├── AmazonKinesisFullAccess ├── AmazonKinesisReadOnlyAccess ├── AmazonKinesisVideoStreamsFullAccess ├── AmazonKinesisVideoStreamsReadOnlyAccess ├── AmazonLambdaRolePolicyForLaunchWizardSAP ├── AmazonLaunchWizardFullaccess ├── AmazonLaunchWizard_Fullaccess ├── AmazonLexChannelsAccess ├── AmazonLexFullAccess ├── AmazonLexReadOnly ├── AmazonLexRunBotsOnly ├── AmazonLexV2BotPolicy ├── AmazonLookoutEquipmentFullAccess ├── AmazonLookoutEquipmentReadOnlyAccess ├── AmazonLookoutMetricsFullAccess ├── AmazonLookoutMetricsReadOnlyAccess ├── AmazonLookoutVisionConsoleFullAccess ├── AmazonLookoutVisionConsoleReadOnlyAccess ├── AmazonLookoutVisionFullAccess ├── AmazonLookoutVisionReadOnlyAccess ├── AmazonMCSFullAccess ├── AmazonMCSReadOnlyAccess ├── AmazonMQApiFullAccess ├── AmazonMQApiReadOnlyAccess ├── AmazonMQFullAccess ├── AmazonMQReadOnlyAccess ├── AmazonMQServiceRolePolicy ├── AmazonMSKConnectReadOnlyAccess ├── AmazonMSKFullAccess ├── AmazonMSKReadOnlyAccess ├── AmazonMWAAServiceRolePolicy ├── AmazonMachineLearningBatchPredictionsAccess ├── AmazonMachineLearningCreateOnlyAccess ├── AmazonMachineLearningFullAccess ├── AmazonMachineLearningManageRealTimeEndpointOnlyAccess ├── AmazonMachineLearningReadOnlyAccess ├── AmazonMachineLearningRealTimePredictionOnlyAccess ├── AmazonMachineLearningRoleforRedshiftDataSource ├── AmazonMachineLearningRoleforRedshiftDataSourceV2 ├── AmazonMachineLearningRoleforRedshiftDataSourceV3 ├── AmazonMacieFullAccess ├── AmazonMacieHandshakeRole ├── AmazonMacieServiceRole ├── AmazonMacieServiceRolePolicy ├── AmazonMacieSetupRole ├── AmazonManagedBlockchainConsoleFullAccess ├── AmazonManagedBlockchainFullAccess ├── AmazonManagedBlockchainReadOnlyAccess ├── AmazonManagedBlockchainServiceRolePolicy ├── AmazonMechanicalTurkCrowdFullAccess ├── AmazonMechanicalTurkCrowdReadOnlyAccess ├── AmazonMechanicalTurkFullAccess ├── AmazonMechanicalTurkReadOnly ├── AmazonMemoryDBFullAccess ├── AmazonMemoryDBReadOnlyAccess ├── AmazonMobileAnalyticsFinancialReportAccess ├── AmazonMobileAnalyticsFullAccess ├── AmazonMobileAnalyticsNon-financialReportAccess ├── AmazonMobileAnalyticsWriteOnlyAccess ├── AmazonMonitronFullAccess ├── AmazonNimbleStudio-LaunchProfileWorker ├── AmazonNimbleStudio-StudioAdmin ├── AmazonNimbleStudio-StudioUser ├── AmazonOpenSearchServiceCognitoAccess ├── AmazonOpenSearchServiceFullAccess ├── AmazonOpenSearchServiceReadOnlyAccess ├── AmazonOpenSearchServiceRolePolicy ├── AmazonPersonalizeFullAccess ├── AmazonPollyFullAccess ├── AmazonPollyReadOnlyAccess ├── AmazonPrometheusConsoleFullAccess ├── AmazonPrometheusFullAccess ├── AmazonPrometheusQueryAccess ├── AmazonPrometheusRemoteWriteAccess ├── AmazonQLDBConsoleFullAccess ├── AmazonQLDBFullAccess ├── AmazonQLDBReadOnly ├── AmazonRDSBetaServiceRolePolicy ├── AmazonRDSCustomPreviewServiceRolePolicy ├── AmazonRDSCustomServiceRolePolicy ├── AmazonRDSDataFullAccess ├── AmazonRDSDirectoryServiceAccess ├── AmazonRDSEnhancedMonitoringRole ├── AmazonRDSFullAccess ├── AmazonRDSPreviewServiceRolePolicy ├── AmazonRDSReadOnlyAccess ├── AmazonRDSServiceRolePolicy ├── AmazonRedshiftAllCommandsFullAccess ├── AmazonRedshiftDataFullAccess ├── AmazonRedshiftFullAccess ├── AmazonRedshiftQueryEditor ├── AmazonRedshiftQueryEditorV2FullAccess ├── AmazonRedshiftQueryEditorV2NoSharing ├── AmazonRedshiftQueryEditorV2ReadSharing ├── AmazonRedshiftQueryEditorV2ReadWriteSharing ├── AmazonRedshiftReadOnlyAccess ├── AmazonRedshiftServiceLinkedRolePolicy ├── AmazonRekognitionCustomLabelsFullAccess ├── AmazonRekognitionFullAccess ├── AmazonRekognitionReadOnlyAccess ├── AmazonRekognitionServiceRole ├── AmazonRoute53AutoNamingFullAccess ├── AmazonRoute53AutoNamingReadOnlyAccess ├── AmazonRoute53AutoNamingRegistrantAccess ├── AmazonRoute53DomainsFullAccess ├── AmazonRoute53DomainsReadOnlyAccess ├── AmazonRoute53FullAccess ├── AmazonRoute53ReadOnlyAccess ├── AmazonRoute53RecoveryClusterFullAccess ├── AmazonRoute53RecoveryClusterReadOnlyAccess ├── AmazonRoute53RecoveryControlConfigFullAccess ├── AmazonRoute53RecoveryControlConfigReadOnlyAccess ├── AmazonRoute53RecoveryReadinessFullAccess ├── AmazonRoute53RecoveryReadinessReadOnlyAccess ├── AmazonRoute53ResolverFullAccess ├── AmazonRoute53ResolverReadOnlyAccess ├── AmazonS3FullAccess ├── AmazonS3ObjectLambdaExecutionRolePolicy ├── AmazonS3OutpostsFullAccess ├── AmazonS3OutpostsReadOnlyAccess ├── AmazonS3ReadOnlyAccess ├── AmazonSESFullAccess ├── AmazonSESReadOnlyAccess ├── AmazonSNSFullAccess ├── AmazonSNSReadOnlyAccess ├── AmazonSNSRole ├── AmazonSQSFullAccess ├── AmazonSQSReadOnlyAccess ├── AmazonSSMAutomationApproverAccess ├── AmazonSSMAutomationRole ├── AmazonSSMDirectoryServiceAccess ├── AmazonSSMFullAccess ├── AmazonSSMMaintenanceWindowRole ├── AmazonSSMManagedInstanceCore ├── AmazonSSMPatchAssociation ├── AmazonSSMReadOnlyAccess ├── AmazonSSMServiceRolePolicy ├── AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy ├── AmazonSageMakerCoreServiceRolePolicy ├── AmazonSageMakerEdgeDeviceFleetPolicy ├── AmazonSageMakerFeatureStoreAccess ├── AmazonSageMakerFullAccess ├── AmazonSageMakerGroundTruthExecution ├── AmazonSageMakerMechanicalTurkAccess ├── AmazonSageMakerNotebooksServiceRolePolicy ├── AmazonSageMakerPipelinesIntegrations ├── AmazonSageMakerReadOnly ├── AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy ├── AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy ├── AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy ├── AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy ├── AmazonSumerianFullAccess ├── AmazonTextractFullAccess ├── AmazonTextractServiceRole ├── AmazonTimestreamConsoleFullAccess ├── AmazonTimestreamFullAccess ├── AmazonTimestreamReadOnlyAccess ├── AmazonTranscribeFullAccess ├── AmazonTranscribeReadOnlyAccess ├── AmazonVPCCrossAccountNetworkInterfaceOperations ├── AmazonVPCFullAccess ├── AmazonVPCReadOnlyAccess ├── AmazonWorkDocsFullAccess ├── AmazonWorkDocsReadOnlyAccess ├── AmazonWorkLinkFullAccess ├── AmazonWorkLinkReadOnly ├── AmazonWorkLinkServiceRolePolicy ├── AmazonWorkMailEventsServiceRolePolicy ├── AmazonWorkMailFullAccess ├── AmazonWorkMailMessageFlowFullAccess ├── AmazonWorkMailMessageFlowReadOnlyAccess ├── AmazonWorkMailReadOnlyAccess ├── AmazonWorkSpacesAdmin ├── AmazonWorkSpacesApplicationManagerAdminAccess ├── AmazonWorkSpacesSelfServiceAccess ├── AmazonWorkSpacesServiceAccess ├── AmazonWorkSpacesWebReadOnly ├── AmazonWorkSpacesWebServiceRolePolicy ├── AmazonZocaloFullAccess ├── AmazonZocaloReadOnlyAccess ├── AppRunnerNetworkingServiceRolePolicy ├── AppRunnerServiceRolePolicy ├── ApplicationAutoScalingForAmazonAppStreamAccess ├── ApplicationDiscoveryServiceContinuousExportServiceRolePolicy ├── AutoScalingConsoleFullAccess ├── AutoScalingConsoleReadOnlyAccess ├── AutoScalingFullAccess ├── AutoScalingNotificationAccessRole ├── AutoScalingReadOnlyAccess ├── AutoScalingServiceRolePolicy ├── AwsGlueDataBrewFullAccessPolicy ├── BatchServiceRolePolicy ├── Billing ├── CertificateManagerServiceRolePolicy ├── CheesepuffsServiceRolePolicy ├── ClientVPNServiceConnectionsRolePolicy ├── ClientVPNServiceRolePolicy ├── CloudFormationStackSetsOrgAdminServiceRolePolicy ├── CloudFormationStackSetsOrgMemberServiceRolePolicy ├── CloudFrontFullAccess ├── CloudFrontReadOnlyAccess ├── CloudHSMServiceRolePolicy ├── CloudSearchFullAccess ├── CloudSearchReadOnlyAccess ├── CloudTrailServiceRolePolicy ├── CloudWatch-CrossAccountAccess ├── CloudWatchActionsEC2Access ├── CloudWatchAgentAdminPolicy ├── CloudWatchAgentServerPolicy ├── CloudWatchApplicationInsightsFullAccess ├── CloudWatchApplicationInsightsReadOnlyAccess ├── CloudWatchAutomaticDashboardsAccess ├── CloudWatchEventsBuiltInTargetExecutionAccess ├── CloudWatchEventsFullAccess ├── CloudWatchEventsInvocationAccess ├── CloudWatchEventsReadOnlyAccess ├── CloudWatchEventsServiceRolePolicy ├── CloudWatchFullAccess ├── CloudWatchLambdaInsightsExecutionRolePolicy ├── CloudWatchLogsFullAccess ├── CloudWatchLogsReadOnlyAccess ├── CloudWatchReadOnlyAccess ├── CloudWatchSyntheticsFullAccess ├── CloudWatchSyntheticsReadOnlyAccess ├── CloudwatchApplicationInsightsServiceLinkedRolePolicy ├── ComprehendDataAccessRolePolicy ├── ComprehendFullAccess ├── ComprehendMedicalFullAccess ├── ComprehendReadOnly ├── ComputeOptimizerReadOnlyAccess ├── ComputeOptimizerServiceRolePolicy ├── ConfigConformsServiceRolePolicy ├── DAXServiceRolePolicy ├── DataScientist ├── DatabaseAdministrator ├── DynamoDBCloudWatchContributorInsightsServiceRolePolicy ├── DynamoDBKinesisReplicationServiceRolePolicy ├── DynamoDBReplicationServiceRolePolicy ├── EC2FastLaunchServiceRolePolicy ├── EC2FleetTimeShiftableServiceRolePolicy ├── EC2InstanceConnect ├── EC2InstanceProfileForImageBuilder ├── EC2InstanceProfileForImageBuilderECRContainerBuilds ├── ECRReplicationServiceRolePolicy ├── Ec2ImageBuilderCrossAccountDistributionAccess ├── ElastiCacheServiceRolePolicy ├── ElasticLoadBalancingFullAccess ├── ElasticLoadBalancingReadOnly ├── ElementalActivationsDownloadSoftwareAccess ├── ElementalActivationsFullAccess ├── ElementalActivationsGenerateLicenses ├── ElementalActivationsReadOnlyAccess ├── ElementalAppliancesSoftwareFullAccess ├── ElementalAppliancesSoftwareReadOnlyAccess ├── ElementalSupportCenterFullAccess ├── FMSServiceRolePolicy ├── FSxDeleteServiceLinkedRoleAccess ├── GameLiftGameServerGroupPolicy ├── GlobalAcceleratorFullAccess ├── GlobalAcceleratorReadOnlyAccess ├── GreengrassOTAUpdateArtifactAccess ├── Health_OrganizationsServiceRolePolicy ├── IAMAccessAdvisorReadOnly ├── IAMAccessAnalyzerFullAccess ├── IAMAccessAnalyzerReadOnlyAccess ├── IAMFullAccess ├── IAMReadOnlyAccess ├── IAMSelfManageServiceSpecificCredentials ├── IAMUserChangePassword ├── IAMUserSSHKeys ├── IVSRecordToS3 ├── KafkaConnectServiceRolePolicy ├── KafkaServiceRolePolicy ├── LakeFormationDataAccessServiceRolePolicy ├── LexBotPolicy ├── LexChannelPolicy ├── LightsailExportAccess ├── MediaPackageServiceRolePolicy ├── MemoryDBServiceRolePolicy ├── MigrationHubDMSAccessServiceRolePolicy ├── MigrationHubSMSAccessServiceRolePolicy ├── MigrationHubServiceRolePolicy ├── NeptuneConsoleFullAccess ├── NeptuneFullAccess ├── NeptuneReadOnlyAccess ├── NetworkAdministrator ├── PowerUserAccess ├── QuickSightAccessForS3StorageManagementAnalyticsReadOnly ├── RDSCloudHsmAuthorizationRole ├── ReadOnlyAccess ├── ResourceGroupsandTagEditorFullAccess ├── ResourceGroupsandTagEditorReadOnlyAccess ├── Route53RecoveryReadinessServiceRolePolicy ├── Route53ResolverServiceRolePolicy ├── S3StorageLensServiceRolePolicy ├── SecretsManagerReadWrite ├── SecurityAudit ├── ServerMigrationConnector ├── ServerMigrationServiceConsoleFullAccess ├── ServerMigrationServiceLaunchRole ├── ServerMigrationServiceRole ├── ServerMigrationServiceRoleForInstanceValidation ├── ServerMigration_ServiceRole ├── ServiceCatalogAdminReadOnlyAccess ├── ServiceCatalogEndUserAccess ├── ServiceQuotasFullAccess ├── ServiceQuotasReadOnlyAccess ├── ServiceQuotasServiceRolePolicy ├── SimpleWorkflowFullAccess ├── SupportUser ├── SystemAdministrator ├── TagGovernancePolicy ├── TagPoliciesServiceRolePolicy ├── TranslateFullAccess ├── TranslateReadOnly ├── VMImportExportRoleForAWSConnector ├── ViewOnlyAccess ├── WAFLoggingServiceRolePolicy ├── WAFRegionalLoggingServiceRolePolicy ├── WAFV2LoggingServiceRolePolicy ├── WellArchitectedConsoleFullAccess ├── WellArchitectedConsoleReadOnlyAccess └── WorkLinkServiceRolePolicy /.gitignore: -------------------------------------------------------------------------------- 1 | list-policies.json 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Collection of the AWS Managed IAM policies. These were acquired as follows: 2 | 3 | ``` 4 | aws iam list-policies > list-policies.json 5 | cat list-policies.json | jq -cr '.Policies[] | select(.Arn | contains("iam::aws"))|.Arn +" "+ .DefaultVersionId+" "+.PolicyName' | xargs -n3 sh -c 'aws iam get-policy-version --policy-arn $1 --version-id $2 > "policies/$3"' sh 6 | ``` 7 | 8 | This does the following: 9 | - Gets the list of all policies in the account 10 | - Finds the ones with an ARN containing "iam::aws", so that only the AWS managed policies are grabbed. 11 | - Gets the ARN, current version id, and policy name (needed so we don't have a slash like the ARN does for writing a file) 12 | - Calls `aws iam get-policy-version` with those values, and writes the output to a file using the policy name. 13 | -------------------------------------------------------------------------------- /policies/AWSAccountActivityAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "aws-portal:ViewBilling" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-02-06T18:41:18Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSAccountManagementFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "account:*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2021-09-30T23:20:37Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AWSAccountManagementReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "account:Get*", 10 | "account:List*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2021-09-30T23:29:53Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSAccountUsageReportAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "aws-portal:ViewUsage" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-02-06T18:41:19Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSAppMeshEnvoyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "appmesh:StreamAggregatedResources" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2019-07-03T21:29:37Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSAppMeshPreviewEnvoyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "appmesh-preview:StreamAggregatedResources" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2019-08-05T23:32:39Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSAppRunnerReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "apprunner:List*", 10 | "apprunner:Describe*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2022-02-24T21:24:15Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSAppRunnerServicePolicyForECRAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ecr:GetDownloadUrlForLayer", 10 | "ecr:BatchGetImage", 11 | "ecr:DescribeImages", 12 | "ecr:GetAuthorizationToken", 13 | "ecr:BatchCheckLayerAvailability" 14 | ], 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2021-05-14T19:17:21Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSAppSyncInvokeFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "appsync:GraphQL", 10 | "appsync:GetGraphqlApi", 11 | "appsync:ListGraphqlApis", 12 | "appsync:ListApiKeys" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2018-03-20T21:21:20Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSAppSyncPushToCloudWatchLogs: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "logs:CreateLogGroup", 10 | "logs:CreateLogStream", 11 | "logs:PutLogEvents" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2018-04-09T19:38:55Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSAppSyncServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "xray:PutTraceSegments", 10 | "xray:PutTelemetryRecords", 11 | "xray:GetSamplingTargets", 12 | "xray:GetSamplingRules", 13 | "xray:GetSamplingStatisticSummaries" 14 | ], 15 | "Resource": [ 16 | "*" 17 | ] 18 | } 19 | ] 20 | }, 21 | "VersionId": "v1", 22 | "IsDefaultVersion": true, 23 | "CreateDate": "2020-01-21T19:56:53Z" 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /policies/AWSApplicationAutoScalingCustomResourcePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "execute-api:Invoke", 10 | "cloudwatch:PutMetricAlarm", 11 | "cloudwatch:DescribeAlarms", 12 | "cloudwatch:DeleteAlarms" 13 | ], 14 | "Resource": [ 15 | "*" 16 | ] 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2018-06-04T23:22:44Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSApplicationAutoscalingDynamoDBTablePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "dynamodb:DescribeTable", 10 | "dynamodb:UpdateTable", 11 | "cloudwatch:PutMetricAlarm", 12 | "cloudwatch:DescribeAlarms", 13 | "cloudwatch:DeleteAlarms" 14 | ], 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2017-10-20T21:34:57Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSApplicationAutoscalingEMRInstanceGroupPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "elasticmapreduce:ListInstanceGroups", 9 | "elasticmapreduce:ModifyInstanceGroups", 10 | "cloudwatch:PutMetricAlarm", 11 | "cloudwatch:DescribeAlarms", 12 | "cloudwatch:DeleteAlarms" 13 | ], 14 | "Effect": "Allow", 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2017-10-26T00:57:39Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSApplicationDiscoveryAgentAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "arsenal:RegisterOnPremisesAgent" 10 | ], 11 | "Resource": "*" 12 | }, 13 | { 14 | "Effect": "Allow", 15 | "Action": [ 16 | "mgh:GetHomeRegion" 17 | ], 18 | "Resource": "*" 19 | } 20 | ] 21 | }, 22 | "VersionId": "v2", 23 | "IsDefaultVersion": true, 24 | "CreateDate": "2020-02-24T22:26:45Z" 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /policies/AWSApplicationMigrationConversionServerPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "mgn:SendClientMetricsForMgn", 10 | "mgn:SendClientLogsForMgn", 11 | "mgn:GetChannelCommandsForMgn", 12 | "mgn:SendChannelCommandResultForMgn" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2021-04-07T06:48:58Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSArtifactAccountSync: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "organizations:ListAccounts", 10 | "organizations:DescribeOrganization" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2018-04-10T23:04:33Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSBatchServiceEventTargetRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "batch:SubmitJob" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2018-02-28T22:31:13Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSBillingReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "aws-portal:ViewBilling" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-08-27T20:08:51Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSBudgetsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "aws-portal:ViewBilling", 10 | "budgets:ViewBudget", 11 | "budgets:Describe*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2020-10-15T17:18:28Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSCertificateManagerPrivateCAFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "acm-pca:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2018-10-23T16:54:50Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSCertificateManagerReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": [ 8 | "acm:DescribeCertificate", 9 | "acm:ListCertificates", 10 | "acm:GetCertificate", 11 | "acm:ListTagsForCertificate", 12 | "acm:GetAccountConfiguration" 13 | ], 14 | "Resource": "*" 15 | } 16 | }, 17 | "VersionId": "v4", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2021-03-15T16:25:21Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSCloud9SSMInstanceProfile: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ssmmessages:CreateControlChannel", 10 | "ssmmessages:CreateDataChannel", 11 | "ssmmessages:OpenControlChannel", 12 | "ssmmessages:OpenDataChannel", 13 | "ssm:UpdateInstanceInformation" 14 | ], 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2020-05-14T11:40:49Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSCloudFormationFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "cloudformation:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2019-07-26T21:50:35Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSCloudFrontLogger: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "logs:CreateLogGroup", 10 | "logs:CreateLogStream", 11 | "logs:PutLogEvents" 12 | ], 13 | "Resource": "arn:aws:logs:*:*:log-group:/aws/cloudfront/*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v2", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-11-22T19:33:51Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSCloudHSMFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "cloudhsm:*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2015-02-06T18:39:51Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AWSCloudHSMReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "cloudhsm:Get*", 10 | "cloudhsm:List*", 11 | "cloudhsm:Describe*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2015-02-06T18:39:52Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSCloudMapDiscoverInstanceAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "servicediscovery:DiscoverInstances" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2018-11-29T00:02:42Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSCloudMapReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "servicediscovery:Get*", 10 | "servicediscovery:List*", 11 | "servicediscovery:DiscoverInstances" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ] 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2018-11-28T23:45:26Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSCloudShellFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "cloudshell:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-12-15T18:07:44Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "StartIncidentPermissions", 8 | "Effect": "Allow", 9 | "Action": "ssm-incidents:StartIncident", 10 | "Resource": "*" 11 | } 12 | ] 13 | }, 14 | "VersionId": "v1", 15 | "IsDefaultVersion": true, 16 | "CreateDate": "2021-04-27T13:30:52Z" 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /policies/AWSCodeDeployRoleForCloudFormation: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "lambda:InvokeFunction" 9 | ], 10 | "Resource": "arn:aws:lambda:*:*:function:CodeDeployHook_*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-05-19T17:12:52Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSCodePipelineCustomActionAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Statement": [ 5 | { 6 | "Action": [ 7 | "codepipeline:AcknowledgeJob", 8 | "codepipeline:GetJobDetails", 9 | "codepipeline:PollForJobs", 10 | "codepipeline:PutJobFailureResult", 11 | "codepipeline:PutJobSuccessResult" 12 | ], 13 | "Effect": "Allow", 14 | "Resource": "*" 15 | } 16 | ], 17 | "Version": "2012-10-17" 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2015-07-09T17:02:54Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSConfigRoleForOrganizations: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "organizations:ListAccounts", 10 | "organizations:DescribeOrganization", 11 | "organizations:ListAWSServiceAccessForOrganization", 12 | "organizations:ListDelegatedAdministrators" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v2", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-11-24T20:19:13Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSDenyAll: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "*" 9 | ], 10 | "Effect": "Deny", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2019-05-01T22:36:14Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSDeviceFarmFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "devicefarm:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-07-13T16:37:38Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSDirectConnectFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "directconnect:*", 10 | "ec2:DescribeVpnGateways", 11 | "ec2:DescribeTransitGateways" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v3", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-04-30T15:29:29Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSDirectConnectReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "directconnect:Describe*", 10 | "directconnect:List*", 11 | "ec2:DescribeVpnGateways", 12 | "ec2:DescribeTransitGateways" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v4", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-05-18T18:48:22Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSDirectConnectServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "secretsmanager:DescribeSecret", 10 | "secretsmanager:ListSecretVersionIds", 11 | "secretsmanager:GetSecretValue" 12 | ], 13 | "Resource": [ 14 | "arn:aws:secretsmanager:*:*:secret:*directconnect*" 15 | ] 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2021-01-14T18:35:27Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSECRPullThroughCacheServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ecr:GetAuthorizationToken", 10 | "ecr:BatchCheckLayerAvailability", 11 | "ecr:InitiateLayerUpload", 12 | "ecr:UploadLayerPart", 13 | "ecr:CompleteLayerUpload", 14 | "ecr:PutImage" 15 | ], 16 | "Resource": "*" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2021-11-23T23:37:27Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSECRPullThroughCache_ServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ecr:GetAuthorizationToken", 10 | "ecr:BatchCheckLayerAvailability", 11 | "ecr:InitiateLayerUpload", 12 | "ecr:UploadLayerPart", 13 | "ecr:CompleteLayerUpload", 14 | "ecr:PutImage" 15 | ], 16 | "Resource": "*" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2021-11-26T21:51:09Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSElasticBeanstalkRoleCWL: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "AllowCWL", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "logs:CreateLogGroup", 11 | "logs:DeleteLogGroup", 12 | "logs:PutRetentionPolicy" 13 | ], 14 | "Resource": "arn:aws:logs:*:*:log-group:/aws/elasticbeanstalk/*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-06-05T21:49:06Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSElasticBeanstalkRoleECS: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "AllowECS", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "ecs:CreateCluster", 11 | "ecs:DeleteCluster", 12 | "ecs:RegisterTaskDefinition", 13 | "ecs:DeRegisterTaskDefinition" 14 | ], 15 | "Resource": [ 16 | "*" 17 | ] 18 | } 19 | ] 20 | }, 21 | "VersionId": "v1", 22 | "IsDefaultVersion": true, 23 | "CreateDate": "2020-06-05T21:47:27Z" 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaConvertReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "mediaconvert:Get*", 10 | "mediaconvert:List*", 11 | "mediaconvert:DescribeEndpoints", 12 | "s3:ListAllMyBuckets", 13 | "s3:ListBucket" 14 | ], 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v2", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2019-06-10T22:52:18Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaLiveFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": "medialive:*", 8 | "Resource": "*" 9 | } 10 | }, 11 | "VersionId": "v1", 12 | "IsDefaultVersion": true, 13 | "CreateDate": "2020-07-08T17:07:14Z" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaLiveReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": [ 8 | "medialive:List*", 9 | "medialive:Describe*" 10 | ], 11 | "Resource": "*" 12 | } 13 | }, 14 | "VersionId": "v1", 15 | "IsDefaultVersion": true, 16 | "CreateDate": "2020-07-08T16:38:07Z" 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaPackageFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": "mediapackage:*", 8 | "Resource": "*" 9 | } 10 | }, 11 | "VersionId": "v1", 12 | "IsDefaultVersion": true, 13 | "CreateDate": "2017-12-29T23:39:52Z" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaPackageReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": [ 8 | "mediapackage:List*", 9 | "mediapackage:Describe*" 10 | ], 11 | "Resource": "*" 12 | } 13 | }, 14 | "VersionId": "v1", 15 | "IsDefaultVersion": true, 16 | "CreateDate": "2017-12-30T00:04:29Z" 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaStoreFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "mediastore:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*", 12 | "Condition": { 13 | "Bool": { 14 | "aws:SecureTransport": "true" 15 | } 16 | } 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2018-03-05T23:15:31Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaTailorFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": "mediatailor:*", 8 | "Resource": "*" 9 | } 10 | }, 11 | "VersionId": "v1", 12 | "IsDefaultVersion": true, 13 | "CreateDate": "2021-11-23T00:04:39Z" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaTailorReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": [ 8 | "mediatailor:List*", 9 | "mediatailor:Describe*", 10 | "mediatailor:Get*" 11 | ], 12 | "Resource": "*" 13 | } 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-11-23T00:05:01Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSEnhancedClassicNetworkingMangementPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "ec2:DescribeInstances", 9 | "ec2:DescribeSecurityGroups" 10 | ], 11 | "Effect": "Allow", 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2017-09-20T17:29:09Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSFMAdminFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "fms:*", 9 | "waf:*", 10 | "waf-regional:*", 11 | "elasticloadbalancing:SetWebACL", 12 | "organizations:DescribeOrganization" 13 | ], 14 | "Effect": "Allow", 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2018-05-09T18:06:18Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSFMAdminReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "fms:Get*", 9 | "fms:List*", 10 | "waf:Get*", 11 | "waf:List*", 12 | "waf-regional:Get*", 13 | "waf-regional:List*", 14 | "organizations:DescribeOrganization" 15 | ], 16 | "Effect": "Allow", 17 | "Resource": "*" 18 | } 19 | ] 20 | }, 21 | "VersionId": "v1", 22 | "IsDefaultVersion": true, 23 | "CreateDate": "2018-05-09T20:07:39Z" 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /policies/AWSFMMemberReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "fms:GetAdminAccount", 9 | "waf:Get*", 10 | "waf:List*", 11 | "waf-regional:Get*", 12 | "waf-regional:List*", 13 | "organizations:DescribeOrganization" 14 | ], 15 | "Effect": "Allow", 16 | "Resource": "*" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2018-05-09T21:05:29Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSGrafanaConsoleReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "AWSGrafanaConsoleReadOnlyAccess", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "grafana:Describe*", 11 | "grafana:List*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v3", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2022-02-15T22:30:54Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSGreengrassFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "greengrass:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2017-05-03T00:47:37Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSGreengrassReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "greengrass:List*", 10 | "greengrass:Get*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2018-10-30T16:01:43Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSIQContractServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "aws-marketplace:Subscribe" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2019-08-22T19:28:39Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIdentitySyncReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "identity-sync:GetSyncProfile", 10 | "identity-sync:ListSyncFilters", 11 | "identity-sync:GetSyncTarget" 12 | ], 13 | "Resource": "arn:*:identity-sync:*:*:*/*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2022-03-23T23:29:52Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSImportExportFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "importexport:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-02-06T18:40:43Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSImportExportReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "importexport:ListJobs", 10 | "importexport:GetStatus" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2015-02-06T18:40:42Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSIoT1ClickFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "iot1click:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2018-05-11T22:10:14Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoT1ClickReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "iot1click:Describe*", 9 | "iot1click:Get*", 10 | "iot1click:List*" 11 | ], 12 | "Effect": "Allow", 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2018-05-11T21:49:24Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIoTAnalyticsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iotanalytics:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2018-06-18T23:02:45Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoTAnalyticsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iotanalytics:Describe*", 10 | "iotanalytics:List*", 11 | "iotanalytics:Get*", 12 | "iotanalytics:SampleChannelData" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2018-06-18T21:37:49Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iot:ListPrincipalThings", 10 | "iot:AddThingToThingGroup" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ] 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2019-08-07T17:55:37Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "sns:Publish" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-08-07T17:04:37Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iot:CreatePolicyVersion" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-08-07T17:04:57Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIoTDeviceDefenderUpdateCACertMitigationAction: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iot:UpdateCACertificate" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-08-07T17:05:49Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iot:UpdateCertificate" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-08-07T17:06:00Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIoTEventsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iotevents:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2019-01-10T22:51:57Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoTEventsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iotevents:Describe*", 10 | "iotevents:List*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v2", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2019-09-23T17:22:04Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSIoTFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iot:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-10-08T15:19:49Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoTOTAUpdate: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": [ 8 | "iot:CreateJob", 9 | "signer:DescribeSigningJob" 10 | ], 11 | "Resource": "*" 12 | } 13 | }, 14 | "VersionId": "v1", 15 | "IsDefaultVersion": true, 16 | "CreateDate": "2017-12-20T20:36:53Z" 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /policies/AWSIoTSiteWiseFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iotsitewise:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2018-12-04T20:53:39Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoTSiteWiseReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iotsitewise:Describe*", 10 | "iotsitewise:List*", 11 | "iotsitewise:Get*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2018-12-04T20:55:11Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIoTWirelessDataAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iotwireless:SendDataToWirelessDevice" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-12-15T15:31:39Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoTWirelessFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iotwireless:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-12-15T15:27:57Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoTWirelessFullPublishAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iot:DescribeEndpoint", 10 | "iot:Publish" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-12-15T15:29:59Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSIoTWirelessGatewayCertManager: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "IoTWirelessGatewayCertManager", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "iot:CreateKeysAndCertificate", 11 | "iot:DescribeCertificate", 12 | "iot:ListCertificates" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-12-15T15:30:48Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSIoTWirelessLogging: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "logs:CreateLogGroup", 10 | "logs:CreateLogStream", 11 | "logs:DescribeLogGroups", 12 | "logs:DescribeLogStreams", 13 | "logs:PutLogEvents" 14 | ], 15 | "Resource": "arn:aws:logs:*:*:log-group:/aws/iotwireless*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2020-12-15T15:32:40Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSIoTWirelessReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iotwireless:List*", 10 | "iotwireless:Get*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-12-15T15:28:56Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSIotRoboRunnerFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "iotroborunner:*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2021-11-29T03:54:37Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "kms:SynchronizeMultiRegionKey" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-06-16T15:37:37Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSLambdaBasicExecutionRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "logs:CreateLogGroup", 10 | "logs:CreateLogStream", 11 | "logs:PutLogEvents" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2015-04-09T15:03:43Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSLambdaENIManagementAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ec2:CreateNetworkInterface", 10 | "ec2:DescribeNetworkInterfaces", 11 | "ec2:DeleteNetworkInterface", 12 | "ec2:AssignPrivateIpAddresses", 13 | "ec2:UnassignPrivateIpAddresses" 14 | ], 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v2", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2020-10-01T20:07:26Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSLambdaExecute: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "logs:*" 10 | ], 11 | "Resource": "arn:aws:logs:*:*:*" 12 | }, 13 | { 14 | "Effect": "Allow", 15 | "Action": [ 16 | "s3:GetObject", 17 | "s3:PutObject" 18 | ], 19 | "Resource": "arn:aws:s3:::*" 20 | } 21 | ] 22 | }, 23 | "VersionId": "v1", 24 | "IsDefaultVersion": true, 25 | "CreateDate": "2015-02-06T18:40:46Z" 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /policies/AWSLambdaRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "lambda:InvokeFunction" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2015-02-06T18:41:28Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSLambdaSQSQueueExecutionRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "sqs:ReceiveMessage", 10 | "sqs:DeleteMessage", 11 | "sqs:GetQueueAttributes", 12 | "logs:CreateLogGroup", 13 | "logs:CreateLogStream", 14 | "logs:PutLogEvents" 15 | ], 16 | "Resource": "*" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2018-06-14T21:50:45Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSLicenseManagerConsumptionPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": [ 8 | "license-manager:CheckoutLicense", 9 | "license-manager:CheckInLicense", 10 | "license-manager:ExtendLicenseConsumption", 11 | "license-manager:GetLicense" 12 | ], 13 | "Resource": "*" 14 | } 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2021-08-11T23:18:08Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSMarketplaceGetEntitlements: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "aws-marketplace:GetEntitlements" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2017-03-27T19:37:24Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSMarketplaceMeteringFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "aws-marketplace:MeterUsage" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2016-03-17T22:39:22Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSMarketplaceMeteringRegisterUsage: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "aws-marketplace:RegisterUsage" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2019-11-21T01:17:54Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSMarketplacePurchaseOrdersServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "AllowPurchaseOrderActions", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "purchase-orders:ViewPurchaseOrders", 11 | "purchase-orders:ModifyPurchaseOrders" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ] 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2021-10-27T15:12:37Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSNetworkManagerReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "networkmanager:Describe*", 10 | "networkmanager:Get*", 11 | "networkmanager:List*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-12-03T17:35:05Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSOpsWorksCloudWatchLogs: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "logs:CreateLogGroup", 10 | "logs:CreateLogStream", 11 | "logs:PutLogEvents", 12 | "logs:DescribeLogStreams" 13 | ], 14 | "Resource": [ 15 | "arn:aws:logs:*:*:*" 16 | ] 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2017-03-30T17:47:19Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSOpsWorksInstanceRegistration: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "opsworks:DescribeStackProvisioningParameters", 10 | "opsworks:DescribeStacks", 11 | "opsworks:RegisterInstance" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ] 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2016-06-03T14:23:15Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSOutpostsServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ec2:DescribeNetworkInterfaces", 10 | "ec2:DescribeSecurityGroups", 11 | "ec2:CreateNetworkInterface", 12 | "ec2:CreateSecurityGroup" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-11-09T22:55:56Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSPanoramaSageMakerRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "PanoramaSageMakerS3Access", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "s3:GetObject", 11 | "s3:PutObject", 12 | "s3:GetBucket*" 13 | ], 14 | "Resource": [ 15 | "arn:aws:s3:::*aws-panorama*" 16 | ] 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2020-12-01T13:13:54Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSPriceListServiceFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "pricing:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2017-11-22T00:36:27Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSPrivateMarketplaceRequests: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "aws-marketplace:CreatePrivateMarketplaceRequests", 10 | "aws-marketplace:ListPrivateMarketplaceRequests", 11 | "aws-marketplace:DescribePrivateMarketplaceRequests" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-10-28T21:44:03Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSPrivateNetworksServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "cloudwatch:PutMetricData" 10 | ], 11 | "Resource": "*", 12 | "Condition": { 13 | "StringEquals": { 14 | "cloudwatch:namespace": "AWS/Private5G" 15 | } 16 | } 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2021-12-16T23:17:46Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSProtonReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": [ 8 | "proton:List*", 9 | "proton:Get*" 10 | ], 11 | "Resource": "*" 12 | } 13 | }, 14 | "VersionId": "v1", 15 | "IsDefaultVersion": true, 16 | "CreateDate": "2021-02-17T19:09:12Z" 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /policies/AWSPurchaseOrdersServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "aws-portal:*Billing", 10 | "purchase-orders:*PurchaseOrders" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v2", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2021-11-22T20:06:47Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSQuickSightDescribeRDS: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "rds:Describe*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-11-10T23:24:50Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSQuickSightDescribeRedshift: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "redshift:Describe*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-11-10T23:25:01Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSQuickSightIoTAnalyticsAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "iotanalytics:ListDatasets", 9 | "iotanalytics:DescribeDataset", 10 | "iotanalytics:GetDatasetContent" 11 | ], 12 | "Effect": "Allow", 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2017-11-29T17:00:54Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSQuickSightListIAM: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iam:List*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-11-10T23:25:07Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSResourceAccessManagerFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "ram:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2019-06-04T17:28:22Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSResourceAccessManagerReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "ram:Get*", 9 | "ram:List*" 10 | ], 11 | "Effect": "Allow", 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2019-12-09T20:58:37Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSRoboMakerReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "VisualEditor0", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "robomaker:List*", 11 | "robomaker:BatchDescribe*", 12 | "robomaker:Describe*", 13 | "robomaker:Get*" 14 | ], 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v2", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2020-08-28T23:10:18Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSSSODirectoryAdministrator: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "AWSSSODirectoryAdministrator", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "sso-directory:*", 11 | "sso:ListDirectoryAssociations" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v2", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2020-08-18T17:17:40Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSSSODirectoryReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "AWSSSODirectoryReadOnly", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "sso-directory:Search*", 11 | "sso-directory:Describe*", 12 | "sso-directory:List*", 13 | "sso-directory:Get*" 14 | ], 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v2", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2019-11-26T22:37:16Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSSavingsPlansFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "savingsplans:*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2019-11-06T22:45:18Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AWSSavingsPlansReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "savingsplans:Describe*", 10 | "savingsplans:List*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2019-11-06T22:45:10Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSSecurityHubReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "securityhub:Get*", 10 | "securityhub:List*", 11 | "securityhub:Describe*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v2", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-06-25T22:45:52Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "ssm:CreateOpsItem" 9 | ], 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-10-01T09:49:01Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSServiceRoleForCodeGuru-Profiler: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "AllowSNSPublishToSendNotifications", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "sns:Publish" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-06-26T22:04:26Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSServiceRoleForCodeGuruProfiler: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "AllowSNSPublishToSendNotifications", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "sns:Publish" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-06-24T22:01:10Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSStepFunctionsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "states:*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2017-01-11T21:51:32Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AWSStorageGatewayServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "fsx:ListTagsForResource" 10 | ], 11 | "Resource": "arn:aws:fsx:*:*:backup/*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-02-17T19:03:19Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSSupportAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "support:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-02-06T18:41:11Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSTransferLoggingAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "logs:CreateLogStream", 10 | "logs:DescribeLogStreams", 11 | "logs:CreateLogGroup", 12 | "logs:PutLogEvents" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2019-01-14T15:32:50Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSTransferReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "transfer:DescribeUser", 10 | "transfer:DescribeServer", 11 | "transfer:ListUsers", 12 | "transfer:ListServers", 13 | "transfer:TestIdentityProvider", 14 | "transfer:ListTagsForResource" 15 | ], 16 | "Resource": "*" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2020-08-27T17:54:51Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSVPCS2SVpnServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "0", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "acm:ExportCertificate", 11 | "acm:DescribeCertificate", 12 | "acm:ListCertificates", 13 | "acm-pca:DescribeCertificateAuthority" 14 | ], 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2019-08-06T14:13:58Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSXrayFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "xray:*" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2016-12-01T18:30:55Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSXrayWriteOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "xray:PutTraceSegments", 10 | "xray:PutTelemetryRecords", 11 | "xray:GetSamplingRules", 12 | "xray:GetSamplingTargets", 13 | "xray:GetSamplingStatisticSummaries" 14 | ], 15 | "Resource": [ 16 | "*" 17 | ] 18 | } 19 | ] 20 | }, 21 | "VersionId": "v2", 22 | "IsDefaultVersion": true, 23 | "CreateDate": "2018-08-28T23:03:04Z" 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /policies/AdministratorAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2015-02-06T18:39:46Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AlexaForBusinessReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "a4b:Get*", 10 | "a4b:List*", 11 | "a4b:Search*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v3", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-11-20T00:25:33Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonAPIGatewayAdministrator: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "apigateway:*" 10 | ], 11 | "Resource": "arn:aws:apigateway:*::/*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-07-09T17:34:45Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonAPIGatewayInvokeFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "execute-api:Invoke", 10 | "execute-api:ManageConnections" 11 | ], 12 | "Resource": "arn:aws:execute-api:*:*:*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v2", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2018-12-18T18:25:10Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonAppStreamReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "appstream:Get*", 9 | "appstream:List*", 10 | "appstream:Describe*" 11 | ], 12 | "Effect": "Allow", 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v2", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2016-12-07T21:00:06Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonAugmentedAIHumanLoopFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "sagemaker:*HumanLoop", 10 | "sagemaker:*HumanLoops" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2019-12-03T16:20:47Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonChimeReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "chime:List*", 9 | "chime:Get*", 10 | "chime:Describe*", 11 | "chime:SearchAvailablePhoneNumbers" 12 | ], 13 | "Effect": "Allow", 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v10", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-12-14T20:53:57Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonChimeTranscriptionServiceLinkedRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "transcribe:StartStreamTranscription", 10 | "transcribe:StartMedicalStreamTranscription" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2021-08-04T21:47:41Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonCirrusGammaRoleForInstaller: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "VisualEditor0", 8 | "Effect": "Allow", 9 | "Action": "cirrus:*", 10 | "Resource": "arn:aws:cirrus:*:*:*/*" 11 | } 12 | ] 13 | }, 14 | "VersionId": "v1", 15 | "IsDefaultVersion": true, 16 | "CreateDate": "2020-07-13T15:11:38Z" 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /policies/AmazonCloudDirectoryFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "clouddirectory:*" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2017-02-25T00:41:39Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonCloudDirectoryReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "clouddirectory:List*", 10 | "clouddirectory:Get*", 11 | "clouddirectory:LookupPolicy", 12 | "clouddirectory:BatchRead" 13 | ], 14 | "Resource": [ 15 | "*" 16 | ] 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2017-02-28T23:42:06Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AmazonCloudWatchRUMReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "rum:GetAppMonitor", 10 | "rum:GetAppMonitorData", 11 | "rum:ListAppMonitors" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2021-11-29T15:43:47Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonCloudWatchRUMServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "xray:PutTraceSegments" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2021-11-17T23:17:23Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonCodeGuruProfilerAgentAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "codeguru-profiler:ConfigureAgent", 10 | "codeguru-profiler:CreateProfilingGroup", 11 | "codeguru-profiler:PostAgentProfile" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v2", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2021-04-02T23:21:37Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonCodeGuruReviewerReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "AmazonCodeGuruReviewerReadOnlyAccess", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "codeguru:Get*", 11 | "codeguru-reviewer:List*", 12 | "codeguru-reviewer:Describe*", 13 | "codeguru-reviewer:Get*" 14 | ], 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v2", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2020-08-29T04:15:32Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AmazonCognitoDeveloperAuthenticatedIdentities: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "cognito-identity:GetOpenIdTokenForDeveloperIdentity", 10 | "cognito-identity:LookupDeveloperIdentity", 11 | "cognito-identity:MergeDeveloperIdentities", 12 | "cognito-identity:UnlinkDeveloperIdentity" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2015-03-24T17:22:23Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonCognitoIdpServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "cognito-idp:Describe*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-06-26T22:30:20Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonConnectCampaignsServiceLinkedRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "connect-campaigns:ListCampaigns" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-09-23T20:54:26Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonConnectVoiceIDFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "voiceid:*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2021-09-26T19:04:10Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonDetectiveServiceLinkedRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "organizations:DescribeAccount", 10 | "organizations:ListAccounts" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2021-11-18T19:47:32Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonEC2ReportsAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": "ec2-reports:*", 8 | "Effect": "Allow", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2015-02-06T18:40:16Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonEC2RoleforAWSCodeDeploy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "s3:GetObject", 9 | "s3:GetObjectVersion", 10 | "s3:ListBucket" 11 | ], 12 | "Effect": "Allow", 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v2", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2017-03-20T17:14:10Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonECSTaskExecutionRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ecr:GetAuthorizationToken", 10 | "ecr:BatchCheckLayerAvailability", 11 | "ecr:GetDownloadUrlForLayer", 12 | "ecr:BatchGetImage", 13 | "logs:CreateLogStream", 14 | "logs:PutLogEvents" 15 | ], 16 | "Resource": "*" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2017-11-16T18:48:22Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AmazonEKSFargatePodExecutionRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ecr:GetAuthorizationToken", 10 | "ecr:BatchCheckLayerAvailability", 11 | "ecr:GetDownloadUrlForLayer", 12 | "ecr:BatchGetImage" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2019-11-22T04:34:29Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonESFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "es:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-10-01T19:14:00Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonESReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "es:Describe*", 9 | "es:List*", 10 | "es:Get*" 11 | ], 12 | "Effect": "Allow", 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v2", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2018-10-03T03:32:56Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonElastiCacheReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "elasticache:Describe*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-02-06T18:40:21Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonElasticContainerRegistryPublicFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ecr-public:*", 10 | "sts:GetServiceBearerToken" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-12-01T17:25:52Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonElasticFileSystemClientFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "elasticfilesystem:ClientMount", 10 | "elasticfilesystem:ClientRootAccess", 11 | "elasticfilesystem:ClientWrite", 12 | "elasticfilesystem:DescribeMountTargets" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-01-13T16:27:00Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonElasticFileSystemClientReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "elasticfilesystem:ClientMount", 10 | "elasticfilesystem:DescribeMountTargets" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-01-13T16:24:36Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonElasticFileSystemClientReadWriteAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "elasticfilesystem:ClientMount", 10 | "elasticfilesystem:ClientWrite", 11 | "elasticfilesystem:DescribeMountTargets" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2020-01-13T16:21:55Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonElasticMapReduceforAutoScalingRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "cloudwatch:DescribeAlarms", 9 | "elasticmapreduce:ListInstanceGroups", 10 | "elasticmapreduce:ModifyInstanceGroups" 11 | ], 12 | "Effect": "Allow", 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2016-11-18T01:09:10Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonElasticTranscoder_ReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "elastictranscoder:Read*", 9 | "elastictranscoder:List*", 10 | "s3:ListAllMyBuckets", 11 | "s3:ListBucket", 12 | "iam:ListRoles", 13 | "sns:ListTopics" 14 | ], 15 | "Effect": "Allow", 16 | "Resource": "*" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v2", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2019-06-10T22:48:32Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AmazonFSxReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "fsx:Describe*", 10 | "fsx:ListTagsForResource" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2018-11-28T16:33:32Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonFreeRTOSFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "freertos:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2017-11-29T15:32:51Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonGlacierFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": "glacier:*", 8 | "Effect": "Allow", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2015-02-06T18:40:28Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonHoneycodeFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "honeycode:*" 9 | ], 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-06-24T20:28:11Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonHoneycodeReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "honeycode:List*", 9 | "honeycode:Get*", 10 | "honeycode:Describe*", 11 | "honeycode:Query*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v2", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-12-01T17:27:53Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonHoneycodeServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "sso:GetManagedApplicationInstance" 9 | ], 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-11-18T18:03:08Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonHoneycodeTeamAssociationFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "honeycode:ListTeamAssociations", 9 | "honeycode:ApproveTeamAssociation", 10 | "honeycode:RejectTeamAssociation" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2020-06-24T20:28:27Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonHoneycodeTeamAssociationReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "honeycode:ListTeamAssociations" 9 | ], 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-06-24T20:27:46Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonKendraReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "kendra:Describe*", 10 | "kendra:List*", 11 | "kendra:Query", 12 | "kendra:GetQuerySuggestions" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v2", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2021-05-27T17:01:20Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonKinesisFirehoseFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "firehose:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-10-07T18:45:26Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonKinesisFirehoseReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "firehose:Describe*", 9 | "firehose:List*" 10 | ], 11 | "Effect": "Allow", 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2015-10-07T18:43:39Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonKinesisFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "kinesis:*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2015-02-06T18:40:29Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonKinesisReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "kinesis:Get*", 10 | "kinesis:List*", 11 | "kinesis:Describe*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2015-02-06T18:40:30Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonKinesisVideoStreamsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "kinesisvideo:*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2017-12-01T23:27:18Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonKinesisVideoStreamsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "kinesisvideo:Describe*", 10 | "kinesisvideo:Get*", 11 | "kinesisvideo:List*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2017-12-01T23:14:32Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonLexChannelsAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "lex:ListBots" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-01-13T20:12:46Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonLexV2BotPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "polly:SynthesizeSpeech" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2021-01-13T20:10:29Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonLookoutVisionFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "LookoutVisionFullAccess", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "lookoutvision:*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2021-05-11T19:24:54Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonMQApiReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "mq:Describe*", 9 | "mq:List*", 10 | "ec2:DescribeNetworkInterfaces", 11 | "ec2:DescribeSecurityGroups", 12 | "ec2:DescribeSubnets", 13 | "ec2:DescribeVpcs" 14 | ], 15 | "Effect": "Allow", 16 | "Resource": "*" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2018-12-18T20:31:13Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AmazonMQReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "mq:Describe*", 9 | "mq:List*", 10 | "ec2:DescribeNetworkInterfaces", 11 | "ec2:DescribeSecurityGroups", 12 | "ec2:DescribeSubnets", 13 | "ec2:DescribeVpcs" 14 | ], 15 | "Effect": "Allow", 16 | "Resource": "*" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v2", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2017-11-28T19:02:03Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AmazonMachineLearningCreateOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "machinelearning:Add*", 10 | "machinelearning:Create*", 11 | "machinelearning:Delete*", 12 | "machinelearning:Describe*", 13 | "machinelearning:Get*" 14 | ], 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v2", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2016-06-29T20:55:03Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AmazonMachineLearningFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "machinelearning:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-04-09T17:25:41Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonMachineLearningManageRealTimeEndpointOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "machinelearning:CreateRealtimeEndpoint", 10 | "machinelearning:DeleteRealtimeEndpoint" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2015-04-09T17:32:41Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonMachineLearningReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "machinelearning:Describe*", 10 | "machinelearning:Get*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2015-04-09T17:40:02Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonMachineLearningRealTimePredictionOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "machinelearning:Predict" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-04-09T17:44:06Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonMacieHandshakeRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "iam:CreateServiceLinkedRole", 9 | "Resource": "*", 10 | "Condition": { 11 | "ForAnyValue:StringEquals": { 12 | "iam:AWSServiceName": "macie.amazonaws.com" 13 | } 14 | } 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2018-06-28T15:46:10Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonMacieServiceRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Resource": "*", 9 | "Action": [ 10 | "s3:Get*", 11 | "s3:List*" 12 | ] 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2017-08-14T14:53:26Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonManagedBlockchainFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "managedblockchain:*" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-04-29T21:39:29Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonManagedBlockchainReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "managedblockchain:Get*", 10 | "managedblockchain:List*" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ] 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2019-04-30T18:17:31Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonMechanicalTurkCrowdReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "CrowdApiReadOnlyAccess", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "crowd:GetTask" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ] 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2017-10-05T18:10:56Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonMechanicalTurkFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "mechanicalturk:*" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2015-12-11T19:08:19Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonMechanicalTurkReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "mechanicalturk:Get*", 10 | "mechanicalturk:List*" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ] 15 | } 16 | ] 17 | }, 18 | "VersionId": "v3", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2019-09-25T21:06:26Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonMemoryDBReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "memorydb:Describe*", 10 | "memorydb:List*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2021-10-08T19:27:28Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonMobileAnalyticsFinancialReportAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "mobileanalytics:GetReports", 10 | "mobileanalytics:GetFinancialReports" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2015-02-06T18:40:35Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonMobileAnalyticsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "mobileanalytics:*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2015-02-06T18:40:34Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonMobileAnalyticsNon-financialReportAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "mobileanalytics:GetReports", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2015-02-06T18:40:36Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonMobileAnalyticsWriteOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "mobileanalytics:PutEvents", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2015-02-06T18:40:37Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonOpenSearchServiceFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "es:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-09-08T05:33:47Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonOpenSearchServiceReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "es:Describe*", 10 | "es:List*", 11 | "es:Get*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2021-09-08T05:38:13Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonPollyFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "polly:*" 10 | ], 11 | "Resource": [ 12 | "*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2016-11-30T18:59:06Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonPrometheusFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "aps:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-12-15T18:10:46Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonPrometheusQueryAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "aps:GetLabels", 9 | "aps:GetMetricMetadata", 10 | "aps:GetSeries", 11 | "aps:QueryMetrics" 12 | ], 13 | "Effect": "Allow", 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-12-19T01:02:58Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonPrometheusRemoteWriteAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "aps:RemoteWrite" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-12-19T01:04:32Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonRDSDirectoryServiceAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "ds:DescribeDirectories", 9 | "ds:AuthorizeApplication", 10 | "ds:UnauthorizeApplication", 11 | "ds:GetAuthorizedApplicationDetails" 12 | ], 13 | "Effect": "Allow", 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v2", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2019-05-15T16:51:50Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonRekognitionFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "rekognition:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2016-11-30T14:40:44Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonRoute53AutoNamingReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "servicediscovery:Get*", 10 | "servicediscovery:List*" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ] 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2018-01-18T03:02:59Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonRoute53DomainsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "route53:CreateHostedZone", 10 | "route53domains:*" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ] 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2015-02-06T18:40:56Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonRoute53DomainsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "route53domains:Get*", 10 | "route53domains:List*" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ] 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2015-02-06T18:40:57Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonRoute53ReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "route53:Get*", 10 | "route53:List*", 11 | "route53:TestDNSAnswer" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ] 16 | } 17 | ] 18 | }, 19 | "VersionId": "v2", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2016-11-15T21:15:16Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AmazonRoute53RecoveryClusterFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "route53-recovery-cluster:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-08-18T18:37:00Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonRoute53RecoveryClusterReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "route53-recovery-cluster:GetRoutingControlState" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-08-18T17:36:01Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonRoute53RecoveryControlConfigFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "route53-recovery-control-config:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-08-18T17:48:35Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonRoute53RecoveryReadinessFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "route53-recovery-readiness:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-08-18T16:45:07Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonS3FullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "s3:*", 10 | "s3-object-lambda:*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v2", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2021-09-27T20:16:37Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonS3ObjectLambdaExecutionRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "logs:CreateLogGroup", 10 | "logs:CreateLogStream", 11 | "logs:PutLogEvents", 12 | "s3-object-lambda:WriteGetObjectResponse" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2021-08-18T10:07:41Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonS3ReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "s3:Get*", 10 | "s3:List*", 11 | "s3-object-lambda:Get*", 12 | "s3-object-lambda:List*" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v2", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2021-09-27T20:24:58Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonSESFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ses:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-02-06T18:41:02Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonSESReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ses:Get*", 10 | "ses:List*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2015-02-06T18:41:03Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonSNSFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "sns:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-02-06T18:41:05Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonSNSReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "sns:GetTopicAttributes", 10 | "sns:List*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2015-02-06T18:41:06Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonSNSRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "logs:CreateLogGroup", 10 | "logs:CreateLogStream", 11 | "logs:PutLogEvents", 12 | "logs:PutMetricFilter", 13 | "logs:PutRetentionPolicy" 14 | ], 15 | "Resource": [ 16 | "*" 17 | ] 18 | } 19 | ] 20 | }, 21 | "VersionId": "v1", 22 | "IsDefaultVersion": true, 23 | "CreateDate": "2015-02-06T18:41:30Z" 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /policies/AmazonSQSFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "sqs:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-02-06T18:41:07Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonSQSReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "sqs:GetQueueAttributes", 9 | "sqs:GetQueueUrl", 10 | "sqs:ListDeadLetterSourceQueues", 11 | "sqs:ListQueues" 12 | ], 13 | "Effect": "Allow", 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v2", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2018-08-20T23:35:49Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonSSMAutomationApproverAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ssm:DescribeAutomationExecutions", 10 | "ssm:GetAutomationExecution", 11 | "ssm:SendAutomationSignal" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ] 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2017-08-07T23:07:28Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AmazonSSMDirectoryServiceAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ds:CreateComputer", 10 | "ds:DescribeDirectories" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2019-03-15T17:44:38Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonSSMReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ssm:Describe*", 10 | "ssm:Get*", 11 | "ssm:List*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2015-05-29T17:44:19Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonSageMakerMechanicalTurkAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "sagemaker:*FlowDefinition", 10 | "sagemaker:*FlowDefinitions" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2019-12-03T16:19:36Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "codepipeline:StartPipelineExecution", 9 | "Resource": "arn:aws:codepipeline:*:*:sagemaker-*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2022-02-22T09:53:59Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "firehose:PutRecord", 10 | "firehose:PutRecordBatch" 11 | ], 12 | "Resource": "arn:aws:firehose:*:*:deliverystream/sagemaker-*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2022-02-22T09:54:35Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonSumerianFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "sumerian:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2018-04-24T20:14:16Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonTextractFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "textract:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2018-11-28T19:07:42Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonTextractServiceRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "sns:Publish" 10 | ], 11 | "Resource": "arn:aws:sns:*:*:AmazonTextract*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2018-11-28T19:12:16Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonTranscribeReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "transcribe:Get*", 10 | "transcribe:List*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2018-04-04T16:05:06Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonWorkDocsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "workdocs:*", 10 | "ds:DescribeDirectories", 11 | "ec2:DescribeVpcs", 12 | "ec2:DescribeSubnets" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-04-16T23:05:11Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonWorkDocsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "workdocs:Describe*", 10 | "ds:DescribeDirectories", 11 | "ec2:DescribeVpcs", 12 | "ec2:DescribeSubnets" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-01-08T23:49:59Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonWorkLinkFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "worklink:*" 10 | ], 11 | "Resource": "arn:aws:worklink:*:*:*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v2", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2019-09-23T18:37:42Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonWorkLinkReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "worklink:Describe*", 10 | "worklink:List*", 11 | "worklink:Search*" 12 | ], 13 | "Resource": "arn:aws:worklink:*:*:*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v3", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-09-23T18:37:21Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonWorkMailEventsServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "logs:CreateLogGroup", 10 | "logs:CreateLogStream", 11 | "logs:PutLogEvents" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-04-16T16:52:43Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonWorkMailMessageFlowFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "workmailmessageflow:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-02-11T11:08:35Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonWorkMailMessageFlowReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "workmailmessageflow:Get*" 9 | ], 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2021-01-28T12:40:08Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonWorkSpacesApplicationManagerAdminAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "wam:AuthenticatePackager", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2015-04-09T14:03:18Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonWorkSpacesSelfServiceAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "workspaces:RebootWorkspaces", 9 | "workspaces:RebuildWorkspaces", 10 | "workspaces:ModifyWorkspaceProperties" 11 | ], 12 | "Effect": "Allow", 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-06-27T19:22:52Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonWorkSpacesServiceAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "ec2:CreateNetworkInterface", 9 | "ec2:DeleteNetworkInterface", 10 | "ec2:DescribeNetworkInterfaces" 11 | ], 12 | "Effect": "Allow", 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v2", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2020-03-18T23:32:10Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonZocaloReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "zocalo:Describe*", 10 | "ds:DescribeDirectories", 11 | "ec2:DescribeVpcs", 12 | "ec2:DescribeSubnets" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2015-02-06T18:41:14Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AutoScalingNotificationAccessRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Resource": "*", 9 | "Action": [ 10 | "sqs:SendMessage", 11 | "sqs:GetQueueUrl", 12 | "sns:Publish" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2015-02-06T18:41:22Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AutoScalingReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "autoscaling:Describe*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2017-01-12T19:39:35Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/CertificateManagerServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "acm-pca:IssueCertificate", 10 | "acm-pca:GetCertificate" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-06-25T17:56:49Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/ClientVPNServiceConnectionsRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "lambda:InvokeFunction" 10 | ], 11 | "Resource": "arn:aws:lambda:*:*:function:AWSClientVPN-*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-08-12T19:48:06Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/CloudHSMServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "logs:CreateLogGroup", 10 | "logs:CreateLogStream", 11 | "logs:PutLogEvents", 12 | "logs:DescribeLogStreams" 13 | ], 14 | "Resource": [ 15 | "arn:aws:logs:*:*:*" 16 | ] 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2017-11-06T19:12:46Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/CloudSearchFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "cloudsearch:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-02-06T18:39:56Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/CloudSearchReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "cloudsearch:Describe*", 9 | "cloudsearch:List*" 10 | ], 11 | "Effect": "Allow", 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2015-02-06T18:39:57Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/CloudWatch-CrossAccountAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "sts:AssumeRole" 9 | ], 10 | "Resource": [ 11 | "arn:aws:iam::*:role/CloudWatch-CrossAccountSharing*" 12 | ], 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-07-23T09:59:27Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/CloudWatchActionsEC2Access: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "cloudwatch:Describe*", 10 | "ec2:Describe*", 11 | "ec2:RebootInstances", 12 | "ec2:StopInstances", 13 | "ec2:TerminateInstances" 14 | ], 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2015-07-07T00:00:33Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/CloudWatchApplicationInsightsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "applicationinsights:Describe*", 10 | "applicationinsights:List*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-11-24T18:48:00Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/CloudWatchEventsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "CloudWatchEventsFullAccess", 8 | "Effect": "Allow", 9 | "Action": "events:*", 10 | "Resource": "*" 11 | }, 12 | { 13 | "Sid": "IAMPassRoleForCloudWatchEvents", 14 | "Effect": "Allow", 15 | "Action": "iam:PassRole", 16 | "Resource": "arn:aws:iam::*:role/AWS_Events_Invoke_Targets" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2016-01-14T18:37:08Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/CloudWatchEventsInvocationAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "CloudWatchEventsInvocationAccess", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "kinesis:PutRecord" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2016-01-14T18:36:33Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/CloudWatchLogsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "logs:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-02-06T18:40:02Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/CloudWatchLogsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "logs:Describe*", 9 | "logs:Get*", 10 | "logs:List*", 11 | "logs:StartQuery", 12 | "logs:StopQuery", 13 | "logs:TestMetricFilter", 14 | "logs:FilterLogEvents" 15 | ], 16 | "Effect": "Allow", 17 | "Resource": "*" 18 | } 19 | ] 20 | }, 21 | "VersionId": "v4", 22 | "IsDefaultVersion": true, 23 | "CreateDate": "2019-01-14T19:32:45Z" 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /policies/CloudWatchSyntheticsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "synthetics:Describe*", 10 | "synthetics:Get*", 11 | "synthetics:List*" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v2", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2020-03-06T19:26:01Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/ComprehendDataAccessRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": [ 8 | "s3:GetObject", 9 | "s3:ListBucket", 10 | "s3:PutObject" 11 | ], 12 | "Resource": [ 13 | "arn:aws:s3:::*Comprehend*", 14 | "arn:aws:s3:::*comprehend*" 15 | ] 16 | } 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2019-03-06T22:28:15Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/ComprehendFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "comprehend:*", 9 | "s3:ListAllMyBuckets", 10 | "s3:ListBucket", 11 | "s3:GetBucketLocation", 12 | "iam:ListRoles", 13 | "iam:GetRole" 14 | ], 15 | "Effect": "Allow", 16 | "Resource": "*" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v2", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2017-12-05T01:36:24Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/ComprehendMedicalFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "comprehendmedical:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2018-11-27T17:55:52Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/EC2InstanceConnect: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "EC2InstanceConnect", 8 | "Action": [ 9 | "ec2:DescribeInstances", 10 | "ec2-instance-connect:SendSSHPublicKey" 11 | ], 12 | "Effect": "Allow", 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-06-27T18:53:34Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/ECRReplicationServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "ecr:CreateRepository", 10 | "ecr:ReplicateImage" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-12-04T22:11:28Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/ElementalActivationsDownloadSoftwareAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "elemental-activations:Get*", 10 | "elemental-activations:Download*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-09-08T17:26:09Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/ElementalActivationsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "elemental-activations:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-06-04T21:00:13Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/ElementalActivationsGenerateLicenses: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "elemental-activations:Get*", 10 | "elemental-activations:GenerateLicenses", 11 | "elemental-activations:StartFileUpload", 12 | "elemental-activations:CompleteFileUpload" 13 | ], 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-08-28T18:28:58Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/ElementalActivationsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "elemental-activations:Get*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2020-08-28T16:51:01Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/ElementalAppliancesSoftwareFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "elemental-appliances-software:*", 10 | "elemental-activations:CompleteAccountRegistration" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v4", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2021-02-05T21:01:25Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/ElementalAppliancesSoftwareReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "elemental-appliances-software:List*", 10 | "elemental-appliances-software:Get*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-04-01T22:31:09Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/ElementalSupportCenterFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "elemental-support-cases:*", 10 | "elemental-support-content:*", 11 | "elemental-activations:CompleteAccountRegistration" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v2", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2021-02-05T21:02:54Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/FSxDeleteServiceLinkedRoleAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iam:DeleteServiceLinkedRole", 10 | "iam:GetServiceLinkedRoleDeletionStatus", 11 | "iam:GetRole" 12 | ], 13 | "Resource": "arn:*:iam::*:role/aws-service-role/s3.data-source.lustre.fsx.amazonaws.com/AWSServiceRoleForFSxS3Access_*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2018-11-28T10:40:24Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/GlobalAcceleratorReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "globalaccelerator:Describe*", 9 | "globalaccelerator:List*" 10 | ], 11 | "Effect": "Allow", 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2018-11-27T02:41:00Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/GreengrassOTAUpdateArtifactAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "AllowsIotToAccessGreengrassOTAUpdateArtifacts", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "s3:GetObject" 11 | ], 12 | "Resource": [ 13 | "arn:aws:s3:::*-greengrass-updates/*" 14 | ] 15 | } 16 | ] 17 | }, 18 | "VersionId": "v2", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2018-12-18T00:59:43Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/Health_OrganizationsServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "organizations:ListAccounts", 9 | "Resource": "*" 10 | }, 11 | { 12 | "Sid": "ListAWSServiceAccessForOrganization0", 13 | "Effect": "Allow", 14 | "Action": "organizations:ListAWSServiceAccessForOrganization", 15 | "Resource": "*" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v2", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2020-06-08T12:48:44Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/IAMAccessAnalyzerReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "access-analyzer:Get*", 10 | "access-analyzer:List*", 11 | "access-analyzer:ValidatePolicy" 12 | ], 13 | "Resource": "*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v2", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2021-03-16T20:37:30Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/IAMReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iam:GenerateCredentialReport", 10 | "iam:GenerateServiceLastAccessedDetails", 11 | "iam:Get*", 12 | "iam:List*", 13 | "iam:SimulateCustomPolicy", 14 | "iam:SimulatePrincipalPolicy" 15 | ], 16 | "Resource": "*" 17 | } 18 | ] 19 | }, 20 | "VersionId": "v4", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2018-01-25T19:11:27Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/IAMUserSSHKeys: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "iam:DeleteSSHPublicKey", 10 | "iam:GetSSHPublicKey", 11 | "iam:ListSSHPublicKeys", 12 | "iam:UpdateSSHPublicKey", 13 | "iam:UploadSSHPublicKey" 14 | ], 15 | "Resource": "arn:aws:iam::*:user/${aws:username}" 16 | } 17 | ] 18 | }, 19 | "VersionId": "v1", 20 | "IsDefaultVersion": true, 21 | "CreateDate": "2015-07-09T17:08:54Z" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/IVSRecordToS3: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "s3:PutObject" 10 | ], 11 | "Resource": [ 12 | "arn:aws:s3:::AWSIVS_*/ivs/*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2020-12-05T00:10:43Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/LakeFormationDataAccessServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "s3:ListAllMyBuckets" 10 | ], 11 | "Resource": [ 12 | "arn:aws:s3:::*" 13 | ] 14 | } 15 | ] 16 | }, 17 | "VersionId": "v1", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-06-20T20:46:19Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/LexChannelPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "lex:PostText" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2017-02-17T23:23:24Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/ServerMigrationServiceRoleForInstanceValidation: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "s3:GetObject", 9 | "Resource": "arn:aws:s3:::sms-app-*/*" 10 | }, 11 | { 12 | "Effect": "Allow", 13 | "Action": "sms:NotifyAppValidationOutput", 14 | "Resource": "*" 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2020-07-20T22:25:07Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/ServiceQuotasServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "support:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v2", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2019-06-24T14:52:56Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/SimpleWorkflowFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": [ 8 | "swf:*" 9 | ], 10 | "Effect": "Allow", 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2015-02-06T18:41:04Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/WAFLoggingServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "firehose:PutRecord", 10 | "firehose:PutRecordBatch" 11 | ], 12 | "Resource": [ 13 | "arn:aws:firehose:*:*:deliverystream/aws-waf-logs-*" 14 | ] 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2018-08-24T21:05:47Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/WAFRegionalLoggingServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "firehose:PutRecord", 10 | "firehose:PutRecordBatch" 11 | ], 12 | "Resource": [ 13 | "arn:aws:firehose:*:*:deliverystream/aws-waf-logs-*" 14 | ] 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2018-08-24T18:40:55Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/WellArchitectedConsoleFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "wellarchitected:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2018-11-29T18:19:23Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/WellArchitectedConsoleReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "wellarchitected:Get*", 10 | "wellarchitected:List*" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2018-11-29T18:21:08Z" 19 | } 20 | } 21 | --------------------------------------------------------------------------------