├── .gitignore ├── CONTRIBUTING.md ├── LICENSE ├── README.md ├── bin └── cli.ts ├── data ├── all_aws_managed_policies │ ├── all_aws_managed_policies.json │ └── show_all_aws_managed_policies.py └── all_services.json ├── lib ├── index.ts ├── policies.ts ├── principals.ts ├── services.ts └── utils.ts ├── package.json ├── test ├── constants.test.ts └── utils.test.ts ├── tsconfig.json └── yarn.lock /.gitignore: -------------------------------------------------------------------------------- 1 | yarn-error.log 2 | .jsii 3 | 4 | dist/ 5 | 6 | *.js 7 | *.d.ts 8 | node_modules 9 | 10 | # CDK asset staging directory 11 | .cdk.staging 12 | cdk.out 13 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing to CDK Constants 2 | 3 | First of all, a great big thanks for wanting to contribute. 4 | 5 | This document goes over the process of setting up your environment and submitting contributions. 6 | 7 | ## Getting Started 8 | 9 | Download repo and make sure you can install dependencies. 10 | 11 | ``` 12 | git clone git@github.com:kevinslin/cdk-constants.git 13 | cd cdk-constants 14 | yarn 15 | 16 | # or if you use npm 17 | npm install 18 | 19 | 20 | # build dependencies 21 | yarn build 22 | 23 | ``` 24 | 25 | ## Updating an existing repository 26 | 27 | cdk-constants is split between modules where properties are generated vs properties that are manually added. Properties that are automatically generated have the following header 28 | ```typescript 29 | // NOTE: THIS IS MACHINE GENERATED. CHANGES WILL BE OVERWRITTEN! 30 | ``` 31 | 32 | Machine genrated files: 33 | - policies.ts 34 | 35 | Not Machine generated: 36 | - principals.ts 37 | 38 | ### Machine Generated files 39 | - for generated files, you can use `npm run fetch {source}` and `npm run update {source}` to refresh the documentation 40 | - to see available sources, run `node lib/bin/cli.js fetch help` 41 | - note that running the scripts might require additional dependencies to be installed in different languages (eg. `npm run update managed_policies` requires python and boto3 42 | - if you want to convert this to nodejs, contributions would be most welcome :) 43 | 44 | ### Not Machine Generated 45 | - changes here can be manually added 46 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright 2018-2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # CDK Constants 2 | 3 | This repository contains constants that make it easier to work with the [aws-cdk](https://github.com/aws/aws-cdk) (CDK). 4 | 5 | ## Why? 6 | 7 | The CDK is awesome but it currently lacks types when initializing constructs such as IAM service principals and managed policies. Finding the right construct names requires diving into AWS documentation. Because there is no verification of these construct initializers, errors are only surfaced after deployment and via a rollback. 8 | 9 | This library aims to be an up to date constants library for all things AWS so the above never happens again! 10 | 11 | ## Quickstart 12 | 13 | Install or update from npm 14 | 15 | TypeScript/Javascript 16 | 17 | ```console 18 | npm i cdk-constants 19 | 20 | ``` 21 | 22 | Python 23 | 24 | ```console 25 | pip install cdk-constants 26 | ``` 27 | 28 | ## Usage 29 | 30 | ** TypeScript ** 31 | 32 | ```typescript 33 | import { ServicePrincipals, ManagedPolicies } from "cdk-constants"; 34 | 35 | const lambdaRole = new Role(this, "lambdaDomainChecker", { 36 | assumedBy: new ServicePrincipal(ServicePrincipals.LAMBDA), 37 | managedPolicies: [ 38 | ManagedPolicy.fromAwsManagedPolicyName( 39 | ManagedPolicies.AWS_LAMBDA_BASIC_EXECUTION_ROLE 40 | ) 41 | ] 42 | }); 43 | ``` 44 | 45 | ** Python ** 46 | 47 | ```python 48 | from cdk_constants import ServicePrincipals, ManagedPolicies 49 | 50 | lambda_role = Role(self, "lambdaDomainChecker", 51 | assumed_by=ServicePrincipal(ServicePrincipals.LAMBDA), 52 | managed_policies=[ 53 | ManagedPolicy.from_aws_managed_policy_name(ManagedPolicies.AWS_LAMBDA_BASIC_EXECUTION_ROLE) 54 | ] 55 | ) 56 | ``` 57 | 58 | ## Properties 59 | 60 | ### [ServicePrincipals](https://github.com/kevinslin/cdk-constants/blob/master/lib/principals.ts) 61 | 62 | - AWS services principals 63 | 64 | ### [ManagedPolicies](https://github.com/kevinslin/cdk-constants/blob/master/lib/policies.ts) 65 | 66 | - Managed AWS policies 67 | 68 | ## Credits 69 | 70 | `cdk-constants` wouldn't be possible without modules from the following authors 71 | 72 | - [Jared Short](https://gist.github.com/shortjared): initial [gist](https://gist.github.com/shortjared/4c1e3fe52bdfa47522cfe5b41e5d6f22) of all service principals 73 | - [Gene Wood](https://gist.github.com/gene1wood): [gist](https://gist.github.com/gene1wood/55b358748be3c314f956) to pull all aws managed policies 74 | 75 | ## Contributions 76 | 77 | All contributors are welcome. As you are reading this, AWS has probably released a new service. Please see [CONTRIBUTING](CONTRIBUTING.md) for information on how to setup a development environment and submit code. 78 | 79 | Some upcoming items on the roadmap: 80 | 81 | - list of aws regions and azs, including gov and china 82 | - list of all iam permissions 83 | - [x] jsii compilation into different languages that CDK supports 84 | 85 | ## License 86 | 87 | cdk-constants is distributed under the [Apache License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0). 88 | 89 | See [LICENSE](./LICENSE) for more information. 90 | -------------------------------------------------------------------------------- /bin/cli.ts: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env node 2 | 3 | import * as yargs from "yargs"; 4 | import * as fs from "fs-extra"; 5 | import * as _ from "lodash"; 6 | import * as execa from "execa"; 7 | import * as pino from "pino"; 8 | import axios from "axios"; 9 | import { normalizeServiceName } from "../lib/utils"; 10 | const L = pino(); 11 | const SOURCES = ["managed_policies", "service_names"]; 12 | 13 | function classFromJson({ jsonObj, key }: { jsonObj: any; key: string }) { 14 | let out = 15 | "// NOTE: THIS IS MACHINE GENERATED. CHANGES WILL BE OVERWRITTEN!\n\n"; 16 | out += `export class ${_.upperFirst(_.camelCase(key))} {\n`; 17 | _.each(jsonObj, (v, k) => { 18 | out += ` public static readonly ${k} = "${v}"\n`; 19 | }); 20 | out += "}"; 21 | return out; 22 | } 23 | 24 | async function fetchConstants({ target }: { target: string }) { 25 | L.info({ ctx: "fetchConstants/enter", target }); 26 | try { 27 | switch (target) { 28 | case "managed_policies": 29 | let cmd = `python data/all_aws_managed_policies/show_all_aws_managed_policies.py > data/all_aws_managed_policies/all_aws_managed_policies.json`; 30 | let out = await execa.command(cmd); 31 | L.info({ ctx: "fetchConstants/exit", out }); 32 | break; 33 | case "service_names": 34 | const { data: json } = await axios.get( 35 | "https://docs.aws.amazon.com/IAM/latest/UserGuide/toc-contents.json" 36 | ); 37 | fs.writeJsonSync("data/all_services.json", json); 38 | const service_titles = 39 | json.contents[10].contents[3].contents[6].contents; 40 | fs.writeJsonSync("data/all_services_title.json", service_titles); 41 | break; 42 | default: 43 | throw `invalid target: ${target}`; 44 | } 45 | } catch (err) { 46 | L.error({ ctx: "fetchConstants/error", err }); 47 | throw err; 48 | } 49 | } 50 | 51 | async function updateConstants({ target }: { target: string }) { 52 | switch (target) { 53 | case "managed_policies": { 54 | let data = fs.readJsonSync( 55 | "./data/all_aws_managed_policies/all_aws_managed_policies.json" 56 | ); 57 | let results: any = {}; 58 | let blacklist = ["S_3", "EC_2", "IO_T"]; 59 | L.info({ ctx: "updateConstants/startConverting", target }); 60 | _.keys(data).forEach((key: string) => { 61 | let modKey = _.snakeCase(key).toUpperCase(); 62 | blacklist.forEach(ent => { 63 | if (modKey.indexOf(ent) >= 0) { 64 | modKey = modKey.replace(ent, ent.replace("_", "")); 65 | } 66 | }); 67 | let { Arn } = data[key]; 68 | /** 69 | * ARN will look like the following: 70 | * arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole 71 | * we want to find `aws:policy` and take the name of everything after 72 | */ 73 | let idx = Arn.indexOf("aws:policy") + 11; 74 | results[modKey] = Arn.slice(idx); 75 | }); 76 | L.info({ ctx: "updateConstants/stopConverting" }); 77 | let payload = classFromJson({ 78 | jsonObj: results, 79 | key: "MANAGED_POLICIES" 80 | }); 81 | fs.writeFileSync("./lib/policies.ts", payload); 82 | L.info({ ctx: "updateConstants/exit" }); 83 | break; 84 | } 85 | case "service_names": { 86 | let data = fs.readJsonSync("./data/all_services_title.json"); 87 | let out: any = {}; 88 | _.each(data, ent => (out[normalizeServiceName(ent.title)] = ent.title)); 89 | let payload = classFromJson({ jsonObj: out, key: "SERVICE_NAMES" }); 90 | fs.writeFileSync("./lib/services.ts", payload); 91 | break; 92 | } 93 | default: 94 | throw `invalid target: ${target}`; 95 | } 96 | } 97 | 98 | yargs 99 | .option("stage", { 100 | alias: "s" 101 | }) 102 | .command( 103 | ["fetch"], 104 | "fetch constants data", 105 | { 106 | targets: { 107 | description: "constants", 108 | choices: SOURCES, 109 | array: true 110 | } 111 | }, 112 | (argv: any) => { 113 | L.info({ argv }); 114 | let { targets } = argv; 115 | try { 116 | _.reduce( 117 | targets, 118 | async (prior: any, target: string) => { 119 | await prior; 120 | return fetchConstants({ target }); 121 | }, 122 | Promise.resolve() 123 | ); 124 | } catch (err) { 125 | L.error({ err }); 126 | } 127 | } 128 | ) 129 | .command( 130 | ["update"], 131 | "update constants", 132 | { 133 | targets: { 134 | description: "constants", 135 | choices: SOURCES, 136 | array: true 137 | } 138 | }, 139 | async (argv: any) => { 140 | let { targets } = argv; 141 | const resp = _.map(targets, (target: string) => { 142 | return updateConstants({ target }); 143 | }); 144 | await Promise.all(resp); 145 | L.info({ ctx: "update/exit" }); 146 | } 147 | ) 148 | .demandCommand() 149 | .help() 150 | .wrap(72).argv; 151 | -------------------------------------------------------------------------------- /data/all_aws_managed_policies/show_all_aws_managed_policies.py: -------------------------------------------------------------------------------- 1 | import boto3 2 | from datetime import datetime 3 | import json 4 | 5 | def json_serial(obj): 6 | """JSON serializer for objects not serializable by default json code""" 7 | 8 | if isinstance(obj, datetime): 9 | serial = obj.isoformat() 10 | return serial 11 | raise TypeError ("Type not serializable") 12 | 13 | client = boto3.client('iam') 14 | 15 | policies = {} 16 | 17 | paginator = client.get_paginator('list_policies') 18 | response_iterator = paginator.paginate(Scope='AWS') 19 | for response in response_iterator: 20 | for policy in response['Policies']: 21 | policies[policy['PolicyName']] = policy 22 | 23 | for policy_name in policies: 24 | response = client.get_policy_version( 25 | PolicyArn=policies[policy_name]['Arn'], 26 | VersionId=policies[policy_name]['DefaultVersionId']) 27 | for key in response['PolicyVersion']: 28 | policies[policy_name][key] = response['PolicyVersion'][key] 29 | 30 | print(json.dumps(policies, 31 | sort_keys=True, 32 | indent=4, 33 | separators=(',', ': '), 34 | default=json_serial)) -------------------------------------------------------------------------------- /data/all_services.json: -------------------------------------------------------------------------------- 1 | {"contents":[{"title":"What Is IAM?","href":"introduction","contents":[{"title":"Understanding How IAM Works","href":"intro-structure"},{"title":"Overview: Users","href":"introduction_identity-management"},{"title":"Overview: Permissions and Policies","href":"introduction_access-management"},{"title":"What Is ABAC for AWS?","href":"introduction_attribute-based-access-control"},{"title":"Security Features Outside of IAM","href":"introduction_security-outside-iam"},{"title":"Quick Links to Common Tasks","href":"introduction_quick-links-common-tasks"}]},{"title":"Getting Set Up","href":"getting-set-up"},{"title":"Getting Started","href":"getting-started","contents":[{"title":"Creating an IAM Admin User and Group","href":"getting-started_create-admin-group"},{"title":"Creating a Delegated User","href":"getting-started_create-delegated-user"},{"title":"How Users Sign In to Your Account","href":"getting-started_how-users-sign-in"}]},{"title":"Tutorials","href":"tutorials","contents":[{"title":"Delegate Access to the Billing Console","href":"tutorial_billing"},{"title":"Delegate Access Across AWS Accounts Using Roles","href":"tutorial_cross-account-with-roles"},{"title":"Create a Customer Managed Policy","href":"tutorial_managed-policies"},{"title":"Using Tags for ABAC","href":"tutorial_attribute-based-access-control","contents":[{"title":"Using SAML Session Tags for ABAC","href":"tutorial_abac-saml"}]},{"title":"Enable Users to Configure Their Own Credentials and MFA Settings","href":"tutorial_users-self-manage-mfa-and-creds"}]},{"title":"Best Practices and Use Cases","href":"IAMBestPracticesAndUseCases","contents":[{"title":"Best Practices","href":"best-practices"},{"title":"Business Use Cases","href":"IAM_UseCases"}]},{"title":"IAM Console and Sign-in Page","href":"console","contents":[{"title":"Controlling User Access to the AWS Management Console","href":"console_controlling-access"},{"title":"Your AWS Account ID and Its Alias","href":"console_account-alias"},{"title":"Using MFA Devices With Your IAM Sign-in Page","href":"console_sign-in-mfa"},{"title":"IAM Console Search","href":"console_search"}]},{"title":"Identities","href":"id","contents":[{"title":"Users","href":"id_users","contents":[{"title":"Adding a User","href":"id_users_create"},{"title":"How IAM Users Sign In to AWS","href":"id_users_sign-in"},{"title":"Managing Users","href":"id_users_manage"},{"title":"Changing Permissions for a User","href":"id_users_change-permissions"},{"title":"Passwords","href":"id_credentials_passwords","contents":[{"title":"Changing the Root User Password","href":"id_credentials_passwords_change-root"},{"title":"Setting a Password Policy","href":"id_credentials_passwords_account-policy"},{"title":"Managing User Passwords","href":"id_credentials_passwords_admin-change-user"},{"title":"Permitting Users to Change Their Own Passwords","href":"id_credentials_passwords_enable-user-change"},{"title":"How an IAM User Changes Their Own Password","href":"id_credentials_passwords_user-change-own"}]},{"title":"Access Keys","href":"id_credentials_access-keys"},{"title":"Retrieving Lost Passwords or Access Keys","href":"id_credentials_access-keys_retrieve"},{"title":"Multi-Factor Authentication (MFA)","href":"id_credentials_mfa","contents":[{"title":"Enabling MFA Devices","href":"id_credentials_mfa_enable","contents":[{"title":"Enabling a Virtual MFA Device (Console)","href":"id_credentials_mfa_enable_virtual"},{"title":"Enabling a U2F Security Key (Console)","href":"id_credentials_mfa_enable_u2f","contents":[{"title":"Supported Configurations for Using U2F Security Keys","href":"id_credentials_mfa_u2f_supported_configurations"}]},{"title":"Enabling a Hardware MFA Device (Console)","href":"id_credentials_mfa_enable_physical"},{"title":"PREVIEW – Enabling SMS Text Message MFA Devices","href":"id_credentials_mfa_enable_sms"},{"title":"Enabling and Managing Virtual MFA Devices (AWS CLI or AWS API)","href":"id_credentials_mfa_enable_cliapi"}]},{"title":"Checking MFA Status","href":"id_credentials_mfa_checking-status"},{"title":"Resynchronizing Virtual and Hardware MFA Devices","href":"id_credentials_mfa_sync"},{"title":"Deactivating MFA Devices","href":"id_credentials_mfa_disable"},{"title":"What If an MFA Device Is Lost or Stops Working?","href":"id_credentials_mfa_lost-or-broken"},{"title":"Configuring MFA-Protected API Access","href":"id_credentials_mfa_configure-api-require"},{"title":"Sample Code: MFA","href":"id_credentials_mfa_sample-code"}]},{"title":"Finding Unused Credentials","href":"id_credentials_finding-unused"},{"title":"Getting Credential Reports","href":"id_credentials_getting-report"},{"title":"Using IAM with CodeCommit: Git Credentials, SSH Keys, and AWS Access Keys","href":"id_credentials_ssh-keys"},{"title":"Working with Server Certificates","href":"id_credentials_server-certs"}]},{"title":"Groups","href":"id_groups","contents":[{"title":"Creating Groups","href":"id_groups_create"},{"title":"Managing Groups","href":"id_groups_manage","contents":[{"title":"Listing IAM Groups","href":"id_groups_manage_list"},{"title":"Adding and Removing Users in an IAM Group","href":"id_groups_manage_add-remove-users"},{"title":"Attaching a Policy to an IAM Group","href":"id_groups_manage_attach-policy"},{"title":"Renaming an IAM Group","href":"id_groups_manage_rename"},{"title":"Deleting a Group","href":"id_groups_manage_delete"}]}]},{"title":"Roles","href":"id_roles","contents":[{"title":"Terms and Concepts","href":"id_roles_terms-and-concepts"},{"title":"Common Scenarios","href":"id_roles_common-scenarios","contents":[{"title":"Providing Access Across AWS Accounts","href":"id_roles_common-scenarios_aws-accounts"},{"title":"Providing Access to Third-Party AWS Accounts","href":"id_roles_common-scenarios_third-party"},{"title":"Providing Access to AWS Services","href":"id_roles_common-scenarios_services"},{"title":"Providing Access Through Identity Federation","href":"id_roles_common-scenarios_federated-users"}]},{"title":"Identity Providers and Federation","href":"id_roles_providers","contents":[{"title":"About Web Identity Federation","href":"id_roles_providers_oidc","contents":[{"title":"Using Amazon Cognito for Mobile Apps","href":"id_roles_providers_oidc_cognito"},{"title":"Using Web Identity Federation API Operations for Mobile Apps","href":"id_roles_providers_oidc_manual"},{"title":"Identifying Users with Web Identity Federation","href":"id_roles_providers_oidc_user-id"},{"title":"Additional Resources for Web Identity Federation","href":"id_roles_providers_oidc_resources"}]},{"title":"About SAML 2.0 Federation","href":"id_roles_providers_saml"},{"title":"Creating IAM Identity Providers","href":"id_roles_providers_create","contents":[{"title":"Creating OIDC Identity Providers","href":"id_roles_providers_create_oidc","contents":[{"title":"Obtaining the Thumbprint for an OIDC Identity Provider","href":"id_roles_providers_create_oidc_verify-thumbprint"}]},{"title":"Creating IAM SAML Identity Providers","href":"id_roles_providers_create_saml","contents":[{"title":"Configuring Relying Party Trust and Claims","href":"id_roles_providers_create_saml_relying-party"},{"title":"Integrating Third-Party SAML Solution Providers with AWS","href":"id_roles_providers_saml_3rd-party"},{"title":"Configuring SAML Assertions for the Authentication Response","href":"id_roles_providers_create_saml_assertions"}]}]},{"title":"Enable SAML 2.0 Federated Users to Access the AWS Console","href":"id_roles_providers_enable-console-saml"},{"title":"Enabling Custom Identity Broker Access to the AWS Console","href":"id_roles_providers_enable-console-custom-url"}]},{"title":"Service-Linked Roles","href":"using-service-linked-roles"},{"title":"Creating Roles","href":"id_roles_create","contents":[{"title":"Creating a Role for an IAM User","href":"id_roles_create_for-user","contents":[{"title":"Using an External ID for Third-Party Access","href":"id_roles_create_for-user_externalid"}]},{"title":"Creating a Role for an AWS Service","href":"id_roles_create_for-service"},{"title":"Creating a Role for Identity Federation","href":"id_roles_create_for-idp","contents":[{"title":"Creating a Role for Web Identity/OIDC Federation","href":"id_roles_create_for-idp_oidc"},{"title":"Creating a Role for SAML 2.0 Federation","href":"id_roles_create_for-idp_saml"}]},{"title":"Examples of Policies for Delegating Access","href":"id_roles_create_policy-examples"}]},{"title":"Using Roles","href":"id_roles_use","contents":[{"title":"Granting a User Permissions to Switch Roles","href":"id_roles_use_permissions-to-switch"},{"title":"Granting Permissions to Pass a Role to a Service","href":"id_roles_use_passrole"},{"title":"Switching Roles (Console)","href":"id_roles_use_switch-role-console"},{"title":"Switching Roles (AWS CLI)","href":"id_roles_use_switch-role-cli"},{"title":"Switching Roles (Tools for Windows PowerShell)","href":"id_roles_use_switch-role-twp"},{"title":"Switching Roles (AWS API)","href":"id_roles_use_switch-role-api"},{"title":"Using Roles for Applications on Amazon EC2","href":"id_roles_use_switch-role-ec2","contents":[{"title":"Using Instance Profiles","href":"id_roles_use_switch-role-ec2_instance-profiles"}]},{"title":"Revoking Role Temporary Credentials","href":"id_roles_use_revoke-sessions"}]},{"title":"Managing Roles","href":"id_roles_manage","contents":[{"title":"Modifying a Role","href":"id_roles_manage_modify","contents":[{"title":"Modifying a Role (Console)","href":"roles-managingrole-editing-console"},{"title":"Modifying a Role (AWS CLI)","href":"roles-managingrole-editing-cli"},{"title":"Modifying a Role (AWS API)","href":"roles-managingrole-editing-api"}]},{"title":"Deleting Roles or Instance Profiles","href":"id_roles_manage_delete"}]},{"title":"Roles vs. Resource-based Policies","href":"id_roles_compare-resource-policies"}]},{"title":"Tagging Users and Roles","href":"id_tags","contents":[{"title":"Session Tags","href":"id_session-tags"}]},{"title":"Temporary Security Credentials","href":"id_credentials_temp","contents":[{"title":"Requesting Temporary Security Credentials","href":"id_credentials_temp_request"},{"title":"Using Temporary Credentials With AWS Resources","href":"id_credentials_temp_use-resources"},{"title":"Controlling Permissions for Temporary Security Credentials","href":"id_credentials_temp_control-access","contents":[{"title":"Permissions for AssumeRole API Operations","href":"id_credentials_temp_control-access_assumerole"},{"title":"Permissions for GetFederationToken","href":"id_credentials_temp_control-access_getfederationtoken"},{"title":"Permissions for GetSessionToken","href":"id_credentials_temp_control-access_getsessiontoken"},{"title":"Disabling Permissions","href":"id_credentials_temp_control-access_disable-perms"},{"title":"Granting Permissions to Create Credentials","href":"id_credentials_temp_control-access_enable-create"}]},{"title":"Managing AWS STS in an AWS Region","href":"id_credentials_temp_enable-regions"},{"title":"Using AWS STS Interface VPC Endpoints","href":"id_credentials_sts_vpce"},{"title":"Sample Applications That Use Temporary Credentials","href":"id_credentials_temp_sample-apps"},{"title":"Additional Resources for Temporary Credentials","href":"id_credentials_temp_related-topics"}]},{"title":"The Root User","href":"id_root-user"},{"title":"Log Events with CloudTrail","href":"cloudtrail-integration"}]},{"title":"Access Management","href":"access","contents":[{"title":"Policies & Permissions","href":"access_policies","contents":[{"title":"Managed Policies and Inline Policies","href":"access_policies_managed-vs-inline","contents":[{"title":"Deprecated AWS Managed Policies","href":"access_policies_managed-deprecated"}]},{"title":"Permissions Boundaries","href":"access_policies_boundaries"},{"title":"Identity vs Resource","href":"access_policies_identity-vs-resource"},{"title":"Control Access Using Policies","href":"access_controlling"},{"title":"Control Access Using IAM Tags","href":"access_iam-tags"},{"title":"Control Access Using AWS Resource Tags","href":"access_tags"},{"title":"Example Policies","href":"access_policies_examples","contents":[{"title":"AWS: Specific Access During a Date Range","href":"reference_policies_examples_aws-dates"},{"title":"AWS: Enable or Disable AWS Regions","href":"reference_policies_examples_aws-enable-disable-regions"},{"title":"AWS: Self-Manage Credentials with MFA (My Security Credentials)","href":"reference_policies_examples_aws_my-sec-creds-self-manage"},{"title":"AWS: Specific Access With MFA During a Date Range","href":"reference_policies_examples_aws_mfa-dates"},{"title":"AWS: Self-Manage Credentials No MFA (My Security Credentials)","href":"reference_policies_examples_aws_my-sec-creds-self-manage-no-mfa"},{"title":"AWS: Self-Manage MFA Device (My Security Credentials)","href":"reference_policies_examples_aws_my-sec-creds-self-manage-mfa-only"},{"title":"AWS: Self-Manage Console Password (My Security Credentials)","href":"reference_policies_examples_aws_my-sec-creds-self-manage-password-only"},{"title":"AWS: Self-Manage Password, Access Keys, & SSH Public Keys (My Security Credentials)","href":"reference_policies_examples_aws_my-sec-creds-self-manage-pass-accesskeys-ssh"},{"title":"AWS: Deny Access Based on Requested Region","href":"reference_policies_examples_aws_deny-requested-region"},{"title":"AWS: Deny Access Based on Source IP","href":"reference_policies_examples_aws_deny-ip"},{"title":"Data Pipeline: Deny Access to Pipelines Not Created by User","href":"reference_policies_examples_datapipeline_not-owned"},{"title":"DynamoDB: Access Specific Table","href":"reference_policies_examples_dynamodb_specific-table"},{"title":"DynamoDB: Allow Access to Specific Columns","href":"reference_policies_examples_dynamodb_columns"},{"title":"DynamoDB: Allow Row Access Based on a Cognito ID","href":"reference_policies_examples_dynamodb_rows"},{"title":"EC2: Allows an Instance to Attach or Detach Volumes","href":"reference_policies_examples_ec2_volumes-instance"},{"title":"EC2: Attach or Detach Tagged EBS Volumes","href":"reference_policies_examples_ec2_ebs-owner"},{"title":"EC2: Launch Instances in a Subnet (Includes Console)","href":"reference_policies_examples_ec2_instances-subnet"},{"title":"EC2: Manage Security Groups in a VPC (Includes Console)","href":"reference_policies_examples_ec2_securitygroups-vpc"},{"title":"EC2: Start or Stop Instances a User Has Tagged (Includes Console)","href":"reference_policies_examples_ec2_tag-owner"},{"title":"EC2: Start or Stop Instances Based on Tags","href":"reference_policies_examples_ec2-start-stop-tags"},{"title":"EC2: Start or Stop for Matching Tags","href":"reference_policies_examples_ec2-start-stop-match-tags"},{"title":"EC2: Full Access Within a Region (Includes Console)","href":"reference_policies_examples_ec2_region"},{"title":"EC2: Start or Stop an Instance, Modify Security Group (Includes Console)","href":"reference_policies_examples_ec2_instance-securitygroup"},{"title":"EC2: Requires MFA (GetSessionToken) for Operations","href":"reference_policies_examples_ec2_require-mfa"},{"title":"EC2: Limit Terminating Instances to IP Range","href":"reference_policies_examples_ec2_terminate-ip"},{"title":"IAM: Access the Policy Simulator API","href":"reference_policies_examples_iam_policy-sim"},{"title":"IAM: Access the Policy Simulator Console","href":"reference_policies_examples_iam_policy-sim-console"},{"title":"IAM: Assume Tagged Roles","href":"reference_policies_examples_iam-assume-tagged-role"},{"title":"IAM: Allows and Denies Multiple Services (Includes Console)","href":"reference_policies_examples_iam_multiple-services-console"},{"title":"IAM: Add Specific Tag to Tagged User","href":"reference_policies_examples_iam-add-tag"},{"title":"IAM: Add a Specific Tag","href":"reference_policies_examples_iam-add-tag-user-role"},{"title":"IAM: Create Only Tagged Users","href":"reference_policies_examples_iam-new-user-tag"},{"title":"IAM: Generate Credential Reports","href":"reference_policies_examples_iam-credential-report"},{"title":"IAM: Manage Group Membership (Includes Console)","href":"reference_policies_examples_iam_manage-group-membership"},{"title":"IAM: Manage a Tag","href":"reference_policies_examples_iam-manage-tags"},{"title":"IAM: Pass a role to a service","href":"reference_policies_examples_iam-passrole-service"},{"title":"IAM: Read-Only Console Access (No Reporting)","href":"reference_policies_examples_iam_read-only-console-no-reporting"},{"title":"IAM: Read-Only Console Access","href":"reference_policies_examples_iam_read-only-console"},{"title":"IAM: Specific Users Manage Group (Includes Console)","href":"reference_policies_examples_iam_users-manage-group"},{"title":"IAM: Setting Account Password Requirements (Includes Console)","href":"reference_policies_examples_iam_set-account-pass-policy"},{"title":"IAM: Access the Policy Simulator API Based on User Path","href":"reference_policies_examples_iam_policy-sim-path"},{"title":"IAM: Access the Policy Simulator Console Based on User Path (Includes Console)","href":"reference_policies_examples_iam_policy-sim-path-console"},{"title":"IAM: MFA Self-Management","href":"reference_policies_examples_iam_mfa-selfmanage"},{"title":"IAM: Rotate Credentials (Includes Console)","href":"reference_policies_examples_iam_credentials_console"},{"title":"IAM: View Organizations service last accessed data for a policy","href":"reference_policies_examples_iam_service-accessed-data-orgs"},{"title":"IAM: Apply Limited Managed Policies","href":"reference_policies_examples_iam_limit-managed"},{"title":"Lambda: Service access to DynamoDB","href":"reference_policies_examples_lambda-access-dynamodb"},{"title":"RDS: Full Access Within a Region","href":"reference_policies_examples_rds_region"},{"title":"RDS: Restore Databases (Includes Console)","href":"reference_policies_examples_rds_db-console"},{"title":"RDS: Full Access for Tag Owners","href":"reference_policies_examples_rds_tag-owner"},{"title":"S3: Access Bucket if Cognito","href":"reference_policies_examples_s3_cognito-bucket"},{"title":"S3: Access Federated User Home Directory (Includes Console)","href":"reference_policies_examples_s3_federated-home-directory-console"},{"title":"S3: Full Access with Recent MFA","href":"reference_policies_examples_s3_full-access-except-production"},{"title":"S3: Access IAM User Home Directory (Includes Console)","href":"reference_policies_examples_s3_home-directory-console"},{"title":"S3: Limit Managing to a Specific Bucket","href":"reference_policies_examples_s3_deny-except-bucket"},{"title":"S3: Read and Write Objects to a Specific Bucket","href":"reference_policies_examples_s3_rw-bucket"},{"title":"S3: Read and Write to a Specific Bucket (Includes Console)","href":"reference_policies_examples_s3_rw-bucket-console"}]}]},{"title":"Managing IAM Policies","href":"access_policies_manage","contents":[{"title":"Creating IAM Policies","href":"access_policies_create"},{"title":"Validating JSON Policies","href":"access_policies_policy-validator"},{"title":"Testing IAM Policies","href":"access_policies_testing-policies"},{"title":"Add or Remove Identity Permissions","href":"access_policies_manage-attach-detach"},{"title":"Versioning IAM Policies","href":"access_policies_managed-versioning"},{"title":"Editing IAM Policies","href":"access_policies_manage-edit"},{"title":"Deleting IAM Policies","href":"access_policies_manage-delete"},{"title":"Reduce Permissions Using Access Data","href":"access_policies_access-advisor","contents":[{"title":"View IAM Access Data","href":"access_policies_access-advisor-view-data"},{"title":"View Access Data for Organizations","href":"access_policies_access-advisor-view-data-orgs"},{"title":"Example Scenarios","href":"access_policies_access-advisor-example-scenarios"}]}]},{"title":"Understanding Policies","href":"access_policies_understand","contents":[{"title":"Policy Summary (List of Services)","href":"access_policies_understand-policy-summary","contents":[{"title":"Access Levels in Policy Summaries","href":"access_policies_understand-policy-summary-access-level-summaries"}]},{"title":"Service Summary (List of Actions)","href":"access_policies_understand-service-summary"},{"title":"Action Summary (List of Resources)","href":"access_policies_understand-action-summary"},{"title":"Example Policy Summaries","href":"access_policies_policy-summary-examples"}]},{"title":"Permissions Required","href":"access_permissions-required","contents":[{"title":"Example Policies for IAM","href":"id_credentials_delegate-permissions_examples"}]}]},{"title":"Access Analyzer","href":"what-is-access-analyzer","contents":[{"title":"Supported Resource Types","href":"access-analyzer-resources"},{"title":"How Access Analyzer Works","href":"access-analyzer-concepts"},{"title":"Getting Started","href":"access-analyzer-getting-started","contents":[{"title":"Using Service-Linked Roles","href":"access-analyzer-using-service-linked-roles"}]},{"title":"Access Analyzer Findings","href":"access-analyzer-findings","contents":[{"title":"Working with Findings","href":"access-analyzer-work-with-findings"},{"title":"Review Findings","href":"access-analyzer-findings-view"},{"title":"Filtering Findings","href":"access-analyzer-findings-filter"},{"title":"Archiving Findings","href":"access-analyzer-findings-archive"},{"title":"Resolving Findings","href":"access-analyzer-findings-remediate"}]},{"title":"Archive Rules","href":"access-analyzer-archive-rules"},{"title":"Monitoring with EventBridge","href":"access-analyzer-eventbridge"},{"title":"Logging with CloudTrail","href":"logging-using-cloudtrail"}]},{"title":"Troubleshooting IAM","href":"troubleshoot","contents":[{"title":"Troubleshooting General Issues","href":"troubleshoot_general"},{"title":"Troubleshoot Policies","href":"troubleshoot_policies"},{"title":"Troubleshooting U2F Security Keys","href":"troubleshoot_mfa-u2f"},{"title":"Troubleshooting IAM Roles","href":"troubleshoot_roles"},{"title":"Troubleshooting Amazon EC2 and IAM","href":"troubleshoot_iam-ec2"},{"title":"Troubleshooting Amazon S3 and IAM","href":"troubleshoot_iam-s3"},{"title":"Troubleshooting SAML 2.0 Federation with AWS","href":"troubleshoot_saml","contents":[{"title":"How to View a SAML Response in Your Browser for Troubleshooting","href":"troubleshoot_saml_view-saml-response"}]}]},{"title":"Reference","href":"reference","contents":[{"title":"IAM Identifiers","href":"reference_identifiers"},{"title":"Limits","href":"reference_iam-limits"},{"title":"Services That Work with IAM","href":"reference_aws-services-that-work-with-iam"},{"title":"Policy Reference","href":"reference_policies","contents":[{"title":"JSON Element Reference","href":"reference_policies_elements","contents":[{"title":"Version","href":"reference_policies_elements_version"},{"title":"Id","href":"reference_policies_elements_id"},{"title":"Statement","href":"reference_policies_elements_statement"},{"title":"Sid","href":"reference_policies_elements_sid"},{"title":"Effect","href":"reference_policies_elements_effect"},{"title":"Principal","href":"reference_policies_elements_principal"},{"title":"NotPrincipal","href":"reference_policies_elements_notprincipal"},{"title":"Action","href":"reference_policies_elements_action"},{"title":"NotAction","href":"reference_policies_elements_notaction"},{"title":"Resource","href":"reference_policies_elements_resource"},{"title":"NotResource","href":"reference_policies_elements_notresource"},{"title":"Condition","href":"reference_policies_elements_condition","contents":[{"title":"Condition Operators","href":"reference_policies_elements_condition_operators"},{"title":"Conditions with Multiple Keys or Values","href":"reference_policies_multi-value-conditions"}]},{"title":"Variables and Tags","href":"reference_policies_variables"},{"title":"Supported Data Types","href":"reference_policies_elements_datatypes"}]},{"title":"Policy Evaluation Logic","href":"reference_policies_evaluation-logic"},{"title":"Policy Grammar","href":"reference_policies_grammar"},{"title":"AWS Managed Policies for Job Functions","href":"access_policies_job-functions"},{"title":"Global Condition Keys","href":"reference_policies_condition-keys"},{"title":"IAM Condition Keys","href":"reference_policies_iam-condition-keys"},{"title":"Actions, Resources, and Condition Keys","href":"reference_policies_actions-resources-contextkeys","contents":[{"title":"AWS Accounts","href":"list_awsaccounts"},{"title":"Alexa for Business","href":"list_alexaforbusiness"},{"title":"AWS Amplify","href":"list_awsamplify"},{"title":"Amazon API Gateway","href":"list_amazonapigateway"},{"title":"AWS App Mesh","href":"list_awsappmesh"},{"title":"AWS App Mesh Preview","href":"list_awsappmeshpreview"},{"title":"Application Auto Scaling","href":"list_applicationautoscaling"},{"title":"Application Discovery","href":"list_applicationdiscovery"},{"title":"Application Discovery Arsenal","href":"list_applicationdiscoveryarsenal"},{"title":"Amazon AppStream 2.0","href":"list_amazonappstream2.0"},{"title":"AWS AppSync","href":"list_awsappsync"},{"title":"AWS Artifact","href":"list_awsartifact"},{"title":"Amazon Athena","href":"list_amazonathena"},{"title":"AWS Auto Scaling","href":"list_awsautoscaling"},{"title":"AWS Backup","href":"list_awsbackup"},{"title":"AWS Backup storage","href":"list_awsbackupstorage"},{"title":"AWS Batch","href":"list_awsbatch"},{"title":"AWS Billing","href":"list_awsbilling"},{"title":"AWS Budget Service","href":"list_awsbudgetservice"},{"title":"AWS Certificate Manager","href":"list_awscertificatemanager"},{"title":"AWS Certificate Manager Private Certificate Authority","href":"list_awscertificatemanagerprivatecertificateauthority"},{"title":"AWS Chatbot","href":"list_awschatbot"},{"title":"Amazon Chime","href":"list_amazonchime"},{"title":"Amazon Cloud Directory","href":"list_amazonclouddirectory"},{"title":"AWS Cloud Map","href":"list_awscloudmap"},{"title":"AWS Cloud9","href":"list_awscloud9"},{"title":"AWS CloudFormation","href":"list_awscloudformation"},{"title":"Amazon CloudFront","href":"list_amazoncloudfront"},{"title":"AWS CloudHSM","href":"list_awscloudhsm"},{"title":"Amazon CloudSearch","href":"list_amazoncloudsearch"},{"title":"AWS CloudTrail","href":"list_awscloudtrail"},{"title":"Amazon CloudWatch","href":"list_amazoncloudwatch"},{"title":"CloudWatch Application Insights","href":"list_cloudwatchapplicationinsights"},{"title":"Amazon CloudWatch Logs","href":"list_amazoncloudwatchlogs"},{"title":"Amazon CloudWatch Synthetics","href":"list_amazoncloudwatchsynthetics"},{"title":"AWS Code Signing for Amazon FreeRTOS","href":"list_awscodesigningforamazonfreertos"},{"title":"AWS CodeBuild","href":"list_awscodebuild"},{"title":"AWS CodeCommit","href":"list_awscodecommit"},{"title":"AWS CodeDeploy","href":"list_awscodedeploy"},{"title":"AWS CodePipeline","href":"list_awscodepipeline"},{"title":"AWS CodeStar","href":"list_awscodestar"},{"title":"AWS CodeStar Notifications","href":"list_awscodestarnotifications"},{"title":"Amazon Cognito Identity","href":"list_amazoncognitoidentity"},{"title":"Amazon Cognito Sync","href":"list_amazoncognitosync"},{"title":"Amazon Cognito User Pools","href":"list_amazoncognitouserpools"},{"title":"Amazon Comprehend","href":"list_amazoncomprehend"},{"title":"Comprehend Medical","href":"list_comprehendmedical"},{"title":"Compute Optimizer","href":"list_computeoptimizer"},{"title":"AWS Config","href":"list_awsconfig"},{"title":"Amazon Connect","href":"list_amazonconnect"},{"title":"AWS Cost and Usage Report","href":"list_awscostandusagereport"},{"title":"AWS Cost Explorer Service","href":"list_awscostexplorerservice"},{"title":"AWS Data Exchange","href":"list_awsdataexchange"},{"title":"Amazon Data Lifecycle Manager","href":"list_amazondatalifecyclemanager"},{"title":"Data Pipeline","href":"list_datapipeline"},{"title":"AWS Database Migration Service","href":"list_awsdatabasemigrationservice"},{"title":"Database Query Metadata Service","href":"list_databasequerymetadataservice"},{"title":"DataSync","href":"list_datasync"},{"title":"AWS DeepLens","href":"list_awsdeeplens"},{"title":"AWS DeepRacer","href":"list_awsdeepracer"},{"title":"Amazon Detective","href":"list_amazondetective"},{"title":"AWS Device Farm","href":"list_awsdevicefarm"},{"title":"AWS Direct Connect","href":"list_awsdirectconnect"},{"title":"AWS Directory Service","href":"list_awsdirectoryservice"},{"title":"Amazon DynamoDB","href":"list_amazondynamodb"},{"title":"Amazon DynamoDB Accelerator (DAX)","href":"list_amazondynamodbacceleratordax"},{"title":"Amazon EC2","href":"list_amazonec2"},{"title":"Amazon EC2 Auto Scaling","href":"list_amazonec2autoscaling"},{"title":"Amazon EC2 Image Builder","href":"list_amazonec2imagebuilder"},{"title":"Amazon EC2 Instance Connect","href":"list_amazonec2instanceconnect"},{"title":"AWS Elastic Beanstalk","href":"list_awselasticbeanstalk"},{"title":"Amazon Elastic Block Store","href":"list_amazonelasticblockstore"},{"title":"Amazon Elastic Container Registry","href":"list_amazonelasticcontainerregistry"},{"title":"Amazon Elastic Container Service","href":"list_amazonelasticcontainerservice"},{"title":"Amazon Elastic Container Service for Kubernetes","href":"list_amazonelasticcontainerserviceforkubernetes"},{"title":"Amazon Elastic File System","href":"list_amazonelasticfilesystem"},{"title":"Amazon Elastic Inference","href":"list_amazonelasticinference"},{"title":"Elastic Load Balancing","href":"list_elasticloadbalancing"},{"title":"Elastic Load Balancing V2","href":"list_elasticloadbalancingv2"},{"title":"Amazon Elastic MapReduce","href":"list_amazonelasticmapreduce"},{"title":"Amazon Elastic Transcoder","href":"list_amazonelastictranscoder"},{"title":"Amazon ElastiCache","href":"list_amazonelasticache"},{"title":"Amazon Elasticsearch Service","href":"list_amazonelasticsearchservice"},{"title":"AWS Elemental MediaConnect","href":"list_awselementalmediaconnect"},{"title":"AWS Elemental MediaConvert","href":"list_awselementalmediaconvert"},{"title":"AWS Elemental MediaLive","href":"list_awselementalmedialive"},{"title":"AWS Elemental MediaPackage","href":"list_awselementalmediapackage"},{"title":"AWS Elemental MediaPackage VOD","href":"list_awselementalmediapackagevod"},{"title":"AWS Elemental MediaStore","href":"list_awselementalmediastore"},{"title":"AWS Elemental MediaTailor","href":"list_awselementalmediatailor"},{"title":"Amazon EventBridge","href":"list_amazoneventbridge"},{"title":"Amazon EventBridge Schemas","href":"list_amazoneventbridgeschemas"},{"title":"AWS Firewall Manager","href":"list_awsfirewallmanager"},{"title":"Amazon Forecast","href":"list_amazonforecast"},{"title":"Amazon Fraud Detector","href":"list_amazonfrauddetector"},{"title":"Amazon FreeRTOS","href":"list_amazonfreertos"},{"title":"Amazon FSx","href":"list_amazonfsx"},{"title":"Amazon GameLift","href":"list_amazongamelift"},{"title":"Amazon Glacier","href":"list_amazonglacier"},{"title":"AWS Global Accelerator","href":"list_awsglobalaccelerator"},{"title":"AWS Glue","href":"list_awsglue"},{"title":"AWS Ground Station","href":"list_awsgroundstation"},{"title":"Amazon GroundTruth Labeling","href":"list_amazongroundtruthlabeling"},{"title":"Amazon GuardDuty","href":"list_amazonguardduty"},{"title":"AWS Health APIs and Notifications","href":"list_awshealthapisandnotifications"},{"title":"IAM Access Analyzer","href":"list_iamaccessanalyzer"},{"title":"Identity And Access Management","href":"list_identityandaccessmanagement"},{"title":"AWS Import Export Disk Service","href":"list_awsimportexportdiskservice"},{"title":"Amazon Inspector","href":"list_amazoninspector"},{"title":"AWS IoT","href":"list_awsiot"},{"title":"AWS IoT 1-Click","href":"list_awsiot1-click"},{"title":"AWS IoT Analytics","href":"list_awsiotanalytics"},{"title":"AWS IoT Events","href":"list_awsiotevents"},{"title":"AWS IoT Greengrass","href":"list_awsiotgreengrass"},{"title":"AWS IoT SiteWise","href":"list_awsiotsitewise"},{"title":"AWS IoT Things Graph","href":"list_awsiotthingsgraph"},{"title":"AWS IQ","href":"list_awsiq"},{"title":"AWS IQ Permissions","href":"list_awsiqpermissions"},{"title":"Amazon Kendra","href":"list_amazonkendra"},{"title":"AWS Key Management Service","href":"list_awskeymanagementservice"},{"title":"Amazon Kinesis","href":"list_amazonkinesis"},{"title":"Amazon Kinesis Analytics","href":"list_amazonkinesisanalytics"},{"title":"Amazon Kinesis Analytics V2","href":"list_amazonkinesisanalyticsv2"},{"title":"Amazon Kinesis Firehose","href":"list_amazonkinesisfirehose"},{"title":"Amazon Kinesis Video Streams","href":"list_amazonkinesisvideostreams"},{"title":"AWS Lake Formation","href":"list_awslakeformation"},{"title":"AWS Lambda","href":"list_awslambda"},{"title":"Launch Wizard","href":"list_launchwizard"},{"title":"Amazon Lex","href":"list_amazonlex"},{"title":"AWS License Manager","href":"list_awslicensemanager"},{"title":"Amazon Lightsail","href":"list_amazonlightsail"},{"title":"Amazon Machine Learning","href":"list_amazonmachinelearning"},{"title":"Amazon Macie","href":"list_amazonmacie"},{"title":"Manage Amazon API Gateway","href":"list_manageamazonapigateway"},{"title":"AWS Managed Apache Cassandra Service","href":"list_awsmanagedapachecassandraservice"},{"title":"Amazon Managed Blockchain","href":"list_amazonmanagedblockchain"},{"title":"Amazon Managed Streaming for Kafka","href":"list_amazonmanagedstreamingforkafka"},{"title":"AWS Marketplace","href":"list_awsmarketplace"},{"title":"AWS Marketplace Catalog","href":"list_awsmarketplacecatalog"},{"title":"AWS Marketplace Entitlement Service","href":"list_awsmarketplaceentitlementservice"},{"title":"AWS Marketplace Image Building Service","href":"list_awsmarketplaceimagebuildingservice"},{"title":"AWS Marketplace Management Portal","href":"list_awsmarketplacemanagementportal"},{"title":"AWS Marketplace Metering Service","href":"list_awsmarketplacemeteringservice"},{"title":"AWS Marketplace Procurement Systems Integration","href":"list_awsmarketplaceprocurementsystemsintegration"},{"title":"Amazon Mechanical Turk","href":"list_amazonmechanicalturk"},{"title":"Amazon Message Delivery Service","href":"list_amazonmessagedeliveryservice"},{"title":"AWS Migration Hub","href":"list_awsmigrationhub"},{"title":"Amazon Mobile Analytics","href":"list_amazonmobileanalytics"},{"title":"AWS Mobile Hub","href":"list_awsmobilehub"},{"title":"Amazon MQ","href":"list_amazonmq"},{"title":"Amazon Neptune","href":"list_amazonneptune"},{"title":"Network Manager","href":"list_networkmanager"},{"title":"AWS OpsWorks","href":"list_awsopsworks"},{"title":"AWS OpsWorks Configuration Management","href":"list_awsopsworksconfigurationmanagement"},{"title":"AWS Organizations","href":"list_awsorganizations"},{"title":"AWS Outposts","href":"list_awsoutposts"},{"title":"AWS Performance Insights","href":"list_awsperformanceinsights"},{"title":"Amazon Personalize","href":"list_amazonpersonalize"},{"title":"Amazon Pinpoint","href":"list_amazonpinpoint"},{"title":"Amazon Pinpoint Email Service","href":"list_amazonpinpointemailservice"},{"title":"Amazon Pinpoint SMS and Voice Service","href":"list_amazonpinpointsmsandvoiceservice"},{"title":"Amazon Polly","href":"list_amazonpolly"},{"title":"AWS Price List","href":"list_awspricelist"},{"title":"AWS Private Marketplace","href":"list_awsprivatemarketplace"},{"title":"Amazon QLDB","href":"list_amazonqldb"},{"title":"Amazon QuickSight","href":"list_amazonquicksight"},{"title":"Amazon RDS","href":"list_amazonrds"},{"title":"Amazon RDS Data API","href":"list_amazonrdsdataapi"},{"title":"Amazon RDS IAM Authentication","href":"list_amazonrdsiamauthentication"},{"title":"Amazon Redshift","href":"list_amazonredshift"},{"title":"Amazon Rekognition","href":"list_amazonrekognition"},{"title":"AWS Resource Access Manager","href":"list_awsresourceaccessmanager"},{"title":"Amazon Resource Group Tagging API","href":"list_amazonresourcegrouptaggingapi"},{"title":"AWS Resource Groups","href":"list_awsresourcegroups"},{"title":"AWS RoboMaker","href":"list_awsrobomaker"},{"title":"Amazon Route 53","href":"list_amazonroute53"},{"title":"Amazon Route 53 Resolver","href":"list_amazonroute53resolver"},{"title":"Amazon Route53 Domains","href":"list_amazonroute53domains"},{"title":"Amazon S3","href":"list_amazons3"},{"title":"Amazon SageMaker","href":"list_amazonsagemaker"},{"title":"AWS Savings Plans","href":"list_awssavingsplans"},{"title":"AWS Secrets Manager","href":"list_awssecretsmanager"},{"title":"AWS Security Hub","href":"list_awssecurityhub"},{"title":"AWS Security Token Service","href":"list_awssecuritytokenservice"},{"title":"AWS Server Migration Service","href":"list_awsservermigrationservice"},{"title":"AWS Serverless Application Repository","href":"list_awsserverlessapplicationrepository"},{"title":"AWS Service Catalog","href":"list_awsservicecatalog"},{"title":"Service Quotas","href":"list_servicequotas"},{"title":"Amazon SES","href":"list_amazonses"},{"title":"Amazon Session Manager Message Gateway Service","href":"list_amazonsessionmanagermessagegatewayservice"},{"title":"AWS Shield","href":"list_awsshield"},{"title":"Amazon Simple Workflow Service","href":"list_amazonsimpleworkflowservice"},{"title":"Amazon SimpleDB","href":"list_amazonsimpledb"},{"title":"AWS Snowball","href":"list_awssnowball"},{"title":"Amazon SNS","href":"list_amazonsns"},{"title":"Amazon SQS","href":"list_amazonsqs"},{"title":"AWS SSO","href":"list_awssso"},{"title":"AWS SSO Directory","href":"list_awsssodirectory"},{"title":"AWS Step Functions","href":"list_awsstepfunctions"},{"title":"Amazon Storage Gateway","href":"list_amazonstoragegateway"},{"title":"Amazon Sumerian","href":"list_amazonsumerian"},{"title":"AWS Support","href":"list_awssupport"},{"title":"AWS Systems Manager","href":"list_awssystemsmanager"},{"title":"Amazon Textract","href":"list_amazontextract"},{"title":"Amazon Transcribe","href":"list_amazontranscribe"},{"title":"AWS Transfer for SFTP","href":"list_awstransferforsftp"},{"title":"Amazon Translate","href":"list_amazontranslate"},{"title":"AWS Trusted Advisor","href":"list_awstrustedadvisor"},{"title":"AWS WAF","href":"list_awswaf"},{"title":"AWS WAF Regional","href":"list_awswafregional"},{"title":"AWS WAF V2","href":"list_awswafv2"},{"title":"AWS Well-Architected Tool","href":"list_awswell-architectedtool"},{"title":"Amazon WorkDocs","href":"list_amazonworkdocs"},{"title":"Amazon WorkLink","href":"list_amazonworklink"},{"title":"Amazon WorkMail","href":"list_amazonworkmail"},{"title":"Amazon WorkMail Message Flow","href":"list_amazonworkmailmessageflow"},{"title":"Amazon WorkSpaces","href":"list_amazonworkspaces"},{"title":"Amazon WorkSpaces Application Manager","href":"list_amazonworkspacesapplicationmanager"},{"title":"AWS X-Ray","href":"list_awsx-ray"}]}]}]},{"title":"Resources","href":"resources"},{"title":"Making Query Requests","href":"programming"},{"title":"Document History","href":"document-history"},{"title":"AWS Glossary","href":"glossary"}]} 2 | -------------------------------------------------------------------------------- /lib/index.ts: -------------------------------------------------------------------------------- 1 | export * from "./principals"; 2 | export * from "./policies"; 3 | export * from "./services"; 4 | -------------------------------------------------------------------------------- /lib/policies.ts: -------------------------------------------------------------------------------- 1 | // NOTE: THIS IS MACHINE GENERATED. CHANGES WILL BE OVERWRITTEN! 2 | 3 | export class ManagedPolicies { 4 | public static readonly API_GATEWAY_SERVICE_ROLE_POLICY = "aws-service-role/APIGatewayServiceRolePolicy" 5 | public static readonly AWS_ACCOUNT_ACTIVITY_ACCESS = "AWSAccountActivityAccess" 6 | public static readonly AWS_ACCOUNT_USAGE_REPORT_ACCESS = "AWSAccountUsageReportAccess" 7 | public static readonly AWS_AGENTLESS_DISCOVERY_SERVICE = "AWSAgentlessDiscoveryService" 8 | public static readonly AWS_APP_MESH_ENVOY_ACCESS = "AWSAppMeshEnvoyAccess" 9 | public static readonly AWS_APP_MESH_FULL_ACCESS = "AWSAppMeshFullAccess" 10 | public static readonly AWS_APP_MESH_PREVIEW_ENVOY_ACCESS = "AWSAppMeshPreviewEnvoyAccess" 11 | public static readonly AWS_APP_MESH_PREVIEW_SERVICE_ROLE_POLICY = "aws-service-role/AWSAppMeshPreviewServiceRolePolicy" 12 | public static readonly AWS_APP_MESH_READ_ONLY = "AWSAppMeshReadOnly" 13 | public static readonly AWS_APP_MESH_SERVICE_ROLE_POLICY = "aws-service-role/AWSAppMeshServiceRolePolicy" 14 | public static readonly AWS_APP_SYNC_ADMINISTRATOR = "AWSAppSyncAdministrator" 15 | public static readonly AWS_APP_SYNC_INVOKE_FULL_ACCESS = "AWSAppSyncInvokeFullAccess" 16 | public static readonly AWS_APP_SYNC_PUSH_TO_CLOUD_WATCH_LOGS = "service-role/AWSAppSyncPushToCloudWatchLogs" 17 | public static readonly AWS_APP_SYNC_SCHEMA_AUTHOR = "AWSAppSyncSchemaAuthor" 18 | public static readonly AWS_APPLICATION_AUTO_SCALING_CUSTOM_RESOURCE_POLICY = "aws-service-role/AWSApplicationAutoScalingCustomResourcePolicy" 19 | public static readonly AWS_APPLICATION_AUTOSCALING_APP_STREAM_FLEET_POLICY = "aws-service-role/AWSApplicationAutoscalingAppStreamFleetPolicy" 20 | public static readonly AWS_APPLICATION_AUTOSCALING_COMPREHEND_ENDPOINT_POLICY = "aws-service-role/AWSApplicationAutoscalingComprehendEndpointPolicy" 21 | public static readonly AWS_APPLICATION_AUTOSCALING_DYNAMO_DB_TABLE_POLICY = "aws-service-role/AWSApplicationAutoscalingDynamoDBTablePolicy" 22 | public static readonly AWS_APPLICATION_AUTOSCALING_EC2_SPOT_FLEET_REQUEST_POLICY = "aws-service-role/AWSApplicationAutoscalingEC2SpotFleetRequestPolicy" 23 | public static readonly AWS_APPLICATION_AUTOSCALING_ECS_SERVICE_POLICY = "aws-service-role/AWSApplicationAutoscalingECSServicePolicy" 24 | public static readonly AWS_APPLICATION_AUTOSCALING_EMR_INSTANCE_GROUP_POLICY = "aws-service-role/AWSApplicationAutoscalingEMRInstanceGroupPolicy" 25 | public static readonly AWS_APPLICATION_AUTOSCALING_LAMBDA_CONCURRENCY_POLICY = "aws-service-role/AWSApplicationAutoscalingLambdaConcurrencyPolicy" 26 | public static readonly AWS_APPLICATION_AUTOSCALING_RDS_CLUSTER_POLICY = "aws-service-role/AWSApplicationAutoscalingRDSClusterPolicy" 27 | public static readonly AWS_APPLICATION_AUTOSCALING_SAGE_MAKER_ENDPOINT_POLICY = "aws-service-role/AWSApplicationAutoscalingSageMakerEndpointPolicy" 28 | public static readonly AWS_APPLICATION_DISCOVERY_AGENT_ACCESS = "AWSApplicationDiscoveryAgentAccess" 29 | public static readonly AWS_APPLICATION_DISCOVERY_SERVICE_FULL_ACCESS = "AWSApplicationDiscoveryServiceFullAccess" 30 | public static readonly AWS_ARTIFACT_ACCOUNT_SYNC = "service-role/AWSArtifactAccountSync" 31 | public static readonly AWS_AUTO_SCALING_PLANS_EC2_AUTO_SCALING_POLICY = "aws-service-role/AWSAutoScalingPlansEC2AutoScalingPolicy" 32 | public static readonly AWSB_9_INTERNAL_SERVICE_POLICY = "AWSB9InternalServicePolicy" 33 | public static readonly AWS_BACKUP_FULL_ACCESS = "AWSBackupFullAccess" 34 | public static readonly AWS_BACKUP_OPERATOR_ACCESS = "AWSBackupOperatorAccess" 35 | public static readonly AWS_BACKUP_SERVICE_ROLE_POLICY_FOR_BACKUP = "service-role/AWSBackupServiceRolePolicyForBackup" 36 | public static readonly AWS_BACKUP_SERVICE_ROLE_POLICY_FOR_RESTORES = "service-role/AWSBackupServiceRolePolicyForRestores" 37 | public static readonly AWS_BATCH_FULL_ACCESS = "AWSBatchFullAccess" 38 | public static readonly AWS_BATCH_SERVICE_EVENT_TARGET_ROLE = "service-role/AWSBatchServiceEventTargetRole" 39 | public static readonly AWS_BATCH_SERVICE_ROLE = "service-role/AWSBatchServiceRole" 40 | public static readonly AWS_CERTIFICATE_MANAGER_FULL_ACCESS = "AWSCertificateManagerFullAccess" 41 | public static readonly AWS_CERTIFICATE_MANAGER_PRIVATE_CA_AUDITOR = "AWSCertificateManagerPrivateCAAuditor" 42 | public static readonly AWS_CERTIFICATE_MANAGER_PRIVATE_CA_FULL_ACCESS = "AWSCertificateManagerPrivateCAFullAccess" 43 | public static readonly AWS_CERTIFICATE_MANAGER_PRIVATE_CA_PRIVILEGED_USER = "AWSCertificateManagerPrivateCAPrivilegedUser" 44 | public static readonly AWS_CERTIFICATE_MANAGER_PRIVATE_CA_READ_ONLY = "AWSCertificateManagerPrivateCAReadOnly" 45 | public static readonly AWS_CERTIFICATE_MANAGER_PRIVATE_CA_USER = "AWSCertificateManagerPrivateCAUser" 46 | public static readonly AWS_CERTIFICATE_MANAGER_READ_ONLY = "AWSCertificateManagerReadOnly" 47 | public static readonly AWS_CHATBOT_SERVICE_LINKED_ROLE_POLICY = "aws-service-role/AWSChatbotServiceLinkedRolePolicy" 48 | public static readonly AWS_CLOUD_9_ADMINISTRATOR = "AWSCloud9Administrator" 49 | public static readonly AWS_CLOUD_9_ENVIRONMENT_MEMBER = "AWSCloud9EnvironmentMember" 50 | public static readonly AWS_CLOUD_9_SERVICE_ROLE_POLICY = "aws-service-role/AWSCloud9ServiceRolePolicy" 51 | public static readonly AWS_CLOUD_9_USER = "AWSCloud9User" 52 | public static readonly AWS_CLOUD_FORMATION_FULL_ACCESS = "AWSCloudFormationFullAccess" 53 | public static readonly AWS_CLOUD_FORMATION_READ_ONLY_ACCESS = "AWSCloudFormationReadOnlyAccess" 54 | public static readonly AWS_CLOUD_FRONT_LOGGER = "aws-service-role/AWSCloudFrontLogger" 55 | public static readonly AWS_CLOUD_HSM_FULL_ACCESS = "AWSCloudHSMFullAccess" 56 | public static readonly AWS_CLOUD_HSM_READ_ONLY_ACCESS = "AWSCloudHSMReadOnlyAccess" 57 | public static readonly AWS_CLOUD_HSM_ROLE = "service-role/AWSCloudHSMRole" 58 | public static readonly AWS_CLOUD_MAP_DISCOVER_INSTANCE_ACCESS = "AWSCloudMapDiscoverInstanceAccess" 59 | public static readonly AWS_CLOUD_MAP_FULL_ACCESS = "AWSCloudMapFullAccess" 60 | public static readonly AWS_CLOUD_MAP_READ_ONLY_ACCESS = "AWSCloudMapReadOnlyAccess" 61 | public static readonly AWS_CLOUD_MAP_REGISTER_INSTANCE_ACCESS = "AWSCloudMapRegisterInstanceAccess" 62 | public static readonly AWS_CLOUD_TRAIL_FULL_ACCESS = "AWSCloudTrailFullAccess" 63 | public static readonly AWS_CLOUD_TRAIL_READ_ONLY_ACCESS = "AWSCloudTrailReadOnlyAccess" 64 | public static readonly AWS_CODE_BUILD_ADMIN_ACCESS = "AWSCodeBuildAdminAccess" 65 | public static readonly AWS_CODE_BUILD_DEVELOPER_ACCESS = "AWSCodeBuildDeveloperAccess" 66 | public static readonly AWS_CODE_BUILD_READ_ONLY_ACCESS = "AWSCodeBuildReadOnlyAccess" 67 | public static readonly AWS_CODE_COMMIT_FULL_ACCESS = "AWSCodeCommitFullAccess" 68 | public static readonly AWS_CODE_COMMIT_POWER_USER = "AWSCodeCommitPowerUser" 69 | public static readonly AWS_CODE_COMMIT_READ_ONLY = "AWSCodeCommitReadOnly" 70 | public static readonly AWS_CODE_DEPLOY_DEPLOYER_ACCESS = "AWSCodeDeployDeployerAccess" 71 | public static readonly AWS_CODE_DEPLOY_FULL_ACCESS = "AWSCodeDeployFullAccess" 72 | public static readonly AWS_CODE_DEPLOY_READ_ONLY_ACCESS = "AWSCodeDeployReadOnlyAccess" 73 | public static readonly AWS_CODE_DEPLOY_ROLE = "service-role/AWSCodeDeployRole" 74 | public static readonly AWS_CODE_DEPLOY_ROLE_FOR_ECS = "AWSCodeDeployRoleForECS" 75 | public static readonly AWS_CODE_DEPLOY_ROLE_FOR_ECS_LIMITED = "AWSCodeDeployRoleForECSLimited" 76 | public static readonly AWS_CODE_DEPLOY_ROLE_FOR_LAMBDA = "service-role/AWSCodeDeployRoleForLambda" 77 | public static readonly AWS_CODE_PIPELINE_APPROVER_ACCESS = "AWSCodePipelineApproverAccess" 78 | public static readonly AWS_CODE_PIPELINE_CUSTOM_ACTION_ACCESS = "AWSCodePipelineCustomActionAccess" 79 | public static readonly AWS_CODE_PIPELINE_FULL_ACCESS = "AWSCodePipelineFullAccess" 80 | public static readonly AWS_CODE_PIPELINE_READ_ONLY_ACCESS = "AWSCodePipelineReadOnlyAccess" 81 | public static readonly AWS_CODE_STAR_FULL_ACCESS = "AWSCodeStarFullAccess" 82 | public static readonly AWS_CODE_STAR_NOTIFICATIONS_SERVICE_ROLE_POLICY = "aws-service-role/AWSCodeStarNotificationsServiceRolePolicy" 83 | public static readonly AWS_CODE_STAR_SERVICE_ROLE = "service-role/AWSCodeStarServiceRole" 84 | public static readonly AWS_CONFIG_MULTI_ACCOUNT_SETUP_POLICY = "aws-service-role/AWSConfigMultiAccountSetupPolicy" 85 | public static readonly AWS_CONFIG_REMEDIATION_SERVICE_ROLE_POLICY = "aws-service-role/AWSConfigRemediationServiceRolePolicy" 86 | public static readonly AWS_CONFIG_ROLE = "service-role/AWSConfigRole" 87 | public static readonly AWS_CONFIG_ROLE_FOR_ORGANIZATIONS = "service-role/AWSConfigRoleForOrganizations" 88 | public static readonly AWS_CONFIG_RULES_EXECUTION_ROLE = "service-role/AWSConfigRulesExecutionRole" 89 | public static readonly AWS_CONFIG_SERVICE_ROLE_POLICY = "aws-service-role/AWSConfigServiceRolePolicy" 90 | public static readonly AWS_CONFIG_USER_ACCESS = "AWSConfigUserAccess" 91 | public static readonly AWS_CONNECTOR = "AWSConnector" 92 | public static readonly AWS_CONTROL_TOWER_SERVICE_ROLE_POLICY = "service-role/AWSControlTowerServiceRolePolicy" 93 | public static readonly AWS_DATA_EXCHANGE_FULL_ACCESS = "AWSDataExchangeFullAccess" 94 | public static readonly AWS_DATA_EXCHANGE_PROVIDER_FULL_ACCESS = "AWSDataExchangeProviderFullAccess" 95 | public static readonly AWS_DATA_EXCHANGE_READ_ONLY = "AWSDataExchangeReadOnly" 96 | public static readonly AWS_DATA_EXCHANGE_SUBSCRIBER_FULL_ACCESS = "AWSDataExchangeSubscriberFullAccess" 97 | public static readonly AWS_DATA_LIFECYCLE_MANAGER_SERVICE_ROLE = "service-role/AWSDataLifecycleManagerServiceRole" 98 | public static readonly AWS_DATA_PIPELINE_ROLE = "service-role/AWSDataPipelineRole" 99 | public static readonly AWS_DATA_PIPELINE_FULL_ACCESS = "AWSDataPipeline_FullAccess" 100 | public static readonly AWS_DATA_PIPELINE_POWER_USER = "AWSDataPipeline_PowerUser" 101 | public static readonly AWS_DATA_SYNC_FULL_ACCESS = "AWSDataSyncFullAccess" 102 | public static readonly AWS_DATA_SYNC_READ_ONLY_ACCESS = "AWSDataSyncReadOnlyAccess" 103 | public static readonly AWS_DEEP_LENS_LAMBDA_FUNCTION_ACCESS_POLICY = "AWSDeepLensLambdaFunctionAccessPolicy" 104 | public static readonly AWS_DEEP_LENS_SERVICE_ROLE_POLICY = "service-role/AWSDeepLensServiceRolePolicy" 105 | public static readonly AWS_DEEP_RACER_CLOUD_FORMATION_ACCESS_POLICY = "AWSDeepRacerCloudFormationAccessPolicy" 106 | public static readonly AWS_DEEP_RACER_ROBO_MAKER_ACCESS_POLICY = "AWSDeepRacerRoboMakerAccessPolicy" 107 | public static readonly AWS_DEEP_RACER_SERVICE_ROLE_POLICY = "service-role/AWSDeepRacerServiceRolePolicy" 108 | public static readonly AWS_DENY_ALL = "AWSDenyAll" 109 | public static readonly AWS_DEVICE_FARM_FULL_ACCESS = "AWSDeviceFarmFullAccess" 110 | public static readonly AWS_DIRECT_CONNECT_FULL_ACCESS = "AWSDirectConnectFullAccess" 111 | public static readonly AWS_DIRECT_CONNECT_READ_ONLY_ACCESS = "AWSDirectConnectReadOnlyAccess" 112 | public static readonly AWS_DIRECTORY_SERVICE_FULL_ACCESS = "AWSDirectoryServiceFullAccess" 113 | public static readonly AWS_DIRECTORY_SERVICE_READ_ONLY_ACCESS = "AWSDirectoryServiceReadOnlyAccess" 114 | public static readonly AWS_DISCOVERY_CONTINUOUS_EXPORT_FIREHOSE_POLICY = "AWSDiscoveryContinuousExportFirehosePolicy" 115 | public static readonly AWSEC2_FLEET_SERVICE_ROLE_POLICY = "aws-service-role/AWSEC2FleetServiceRolePolicy" 116 | public static readonly AWSEC2_SPOT_FLEET_SERVICE_ROLE_POLICY = "aws-service-role/AWSEC2SpotFleetServiceRolePolicy" 117 | public static readonly AWSEC2_SPOT_SERVICE_ROLE_POLICY = "aws-service-role/AWSEC2SpotServiceRolePolicy" 118 | public static readonly AWS_ELASTIC_BEANSTALK_CUSTOM_PLATFORMFOR_EC2_ROLE = "AWSElasticBeanstalkCustomPlatformforEC2Role" 119 | public static readonly AWS_ELASTIC_BEANSTALK_ENHANCED_HEALTH = "service-role/AWSElasticBeanstalkEnhancedHealth" 120 | public static readonly AWS_ELASTIC_BEANSTALK_FULL_ACCESS = "AWSElasticBeanstalkFullAccess" 121 | public static readonly AWS_ELASTIC_BEANSTALK_MAINTENANCE = "aws-service-role/AWSElasticBeanstalkMaintenance" 122 | public static readonly AWS_ELASTIC_BEANSTALK_MANAGED_UPDATES_SERVICE_ROLE_POLICY = "aws-service-role/AWSElasticBeanstalkManagedUpdatesServiceRolePolicy" 123 | public static readonly AWS_ELASTIC_BEANSTALK_MULTICONTAINER_DOCKER = "AWSElasticBeanstalkMulticontainerDocker" 124 | public static readonly AWS_ELASTIC_BEANSTALK_READ_ONLY_ACCESS = "AWSElasticBeanstalkReadOnlyAccess" 125 | public static readonly AWS_ELASTIC_BEANSTALK_SERVICE = "service-role/AWSElasticBeanstalkService" 126 | public static readonly AWS_ELASTIC_BEANSTALK_SERVICE_ROLE_POLICY = "aws-service-role/AWSElasticBeanstalkServiceRolePolicy" 127 | public static readonly AWS_ELASTIC_BEANSTALK_WEB_TIER = "AWSElasticBeanstalkWebTier" 128 | public static readonly AWS_ELASTIC_BEANSTALK_WORKER_TIER = "AWSElasticBeanstalkWorkerTier" 129 | public static readonly AWS_ELASTIC_LOAD_BALANCING_CLASSIC_SERVICE_ROLE_POLICY = "aws-service-role/AWSElasticLoadBalancingClassicServiceRolePolicy" 130 | public static readonly AWS_ELASTIC_LOAD_BALANCING_SERVICE_ROLE_POLICY = "aws-service-role/AWSElasticLoadBalancingServiceRolePolicy" 131 | public static readonly AWS_ELEMENTAL_MEDIA_CONVERT_FULL_ACCESS = "AWSElementalMediaConvertFullAccess" 132 | public static readonly AWS_ELEMENTAL_MEDIA_CONVERT_READ_ONLY = "AWSElementalMediaConvertReadOnly" 133 | public static readonly AWS_ELEMENTAL_MEDIA_PACKAGE_FULL_ACCESS = "AWSElementalMediaPackageFullAccess" 134 | public static readonly AWS_ELEMENTAL_MEDIA_PACKAGE_READ_ONLY = "AWSElementalMediaPackageReadOnly" 135 | public static readonly AWS_ELEMENTAL_MEDIA_STORE_FULL_ACCESS = "AWSElementalMediaStoreFullAccess" 136 | public static readonly AWS_ELEMENTAL_MEDIA_STORE_READ_ONLY = "AWSElementalMediaStoreReadOnly" 137 | public static readonly AWS_ENHANCED_CLASSIC_NETWORKING_MANGEMENT_POLICY = "aws-service-role/AWSEnhancedClassicNetworkingMangementPolicy" 138 | public static readonly AWSFM_ADMIN_FULL_ACCESS = "AWSFMAdminFullAccess" 139 | public static readonly AWSFM_ADMIN_READ_ONLY_ACCESS = "AWSFMAdminReadOnlyAccess" 140 | public static readonly AWSFM_MEMBER_READ_ONLY_ACCESS = "AWSFMMemberReadOnlyAccess" 141 | public static readonly AWS_FOR_WORD_PRESS_PLUGIN_POLICY = "AWSForWordPressPluginPolicy" 142 | public static readonly AWS_GLOBAL_ACCELERATOR_SLR_POLICY = "aws-service-role/AWSGlobalAcceleratorSLRPolicy" 143 | public static readonly AWS_GLUE_CONSOLE_FULL_ACCESS = "AWSGlueConsoleFullAccess" 144 | public static readonly AWS_GLUE_CONSOLE_SAGE_MAKER_NOTEBOOK_FULL_ACCESS = "AWSGlueConsoleSageMakerNotebookFullAccess" 145 | public static readonly AWS_GLUE_SERVICE_NOTEBOOK_ROLE = "service-role/AWSGlueServiceNotebookRole" 146 | public static readonly AWS_GLUE_SERVICE_ROLE = "service-role/AWSGlueServiceRole" 147 | public static readonly AWS_GREENGRASS_FULL_ACCESS = "AWSGreengrassFullAccess" 148 | public static readonly AWS_GREENGRASS_READ_ONLY_ACCESS = "AWSGreengrassReadOnlyAccess" 149 | public static readonly AWS_GREENGRASS_RESOURCE_ACCESS_ROLE_POLICY = "service-role/AWSGreengrassResourceAccessRolePolicy" 150 | public static readonly AWS_HEALTH_FULL_ACCESS = "AWSHealthFullAccess" 151 | public static readonly AWSIQ_CONTRACT_SERVICE_ROLE_POLICY = "aws-service-role/AWSIQContractServiceRolePolicy" 152 | public static readonly AWSIQ_FULL_ACCESS = "AWSIQFullAccess" 153 | public static readonly AWSIQ_PERMISSION_SERVICE_ROLE_POLICY = "aws-service-role/AWSIQPermissionServiceRolePolicy" 154 | public static readonly AWS_IMAGE_BUILDER_READ_ONLY_ACCESS = "AWSImageBuilderReadOnlyAccess" 155 | public static readonly AWS_IMPORT_EXPORT_FULL_ACCESS = "AWSImportExportFullAccess" 156 | public static readonly AWS_IMPORT_EXPORT_READ_ONLY_ACCESS = "AWSImportExportReadOnlyAccess" 157 | public static readonly AWS_IOT_1_CLICK_FULL_ACCESS = "AWSIoT1ClickFullAccess" 158 | public static readonly AWS_IOT_1_CLICK_READ_ONLY_ACCESS = "AWSIoT1ClickReadOnlyAccess" 159 | public static readonly AWS_IOT_ANALYTICS_FULL_ACCESS = "AWSIoTAnalyticsFullAccess" 160 | public static readonly AWS_IOT_ANALYTICS_READ_ONLY_ACCESS = "AWSIoTAnalyticsReadOnlyAccess" 161 | public static readonly AWS_IOT_CONFIG_ACCESS = "AWSIoTConfigAccess" 162 | public static readonly AWS_IOT_CONFIG_READ_ONLY_ACCESS = "AWSIoTConfigReadOnlyAccess" 163 | public static readonly AWS_IOT_DATA_ACCESS = "AWSIoTDataAccess" 164 | public static readonly AWS_IOT_DEVICE_DEFENDER_ADD_THINGS_TO_THING_GROUP_MITIGATION_ACTION = "service-role/AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction" 165 | public static readonly AWS_IOT_DEVICE_DEFENDER_AUDIT = "service-role/AWSIoTDeviceDefenderAudit" 166 | public static readonly AWS_IOT_DEVICE_DEFENDER_ENABLE_IO_T_LOGGING_MITIGATION_ACTION = "service-role/AWSIoTDeviceDefenderEnableIoTLoggingMitigationAction" 167 | public static readonly AWS_IOT_DEVICE_DEFENDER_PUBLISH_FINDINGS_TO_SNS_MITIGATION_ACTION = "service-role/AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction" 168 | public static readonly AWS_IOT_DEVICE_DEFENDER_REPLACE_DEFAULT_POLICY_MITIGATION_ACTION = "service-role/AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction" 169 | public static readonly AWS_IOT_DEVICE_DEFENDER_UPDATE_CA_CERT_MITIGATION_ACTION = "service-role/AWSIoTDeviceDefenderUpdateCACertMitigationAction" 170 | public static readonly AWS_IOT_DEVICE_DEFENDER_UPDATE_DEVICE_CERT_MITIGATION_ACTION = "service-role/AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction" 171 | public static readonly AWS_IOT_EVENTS_FULL_ACCESS = "AWSIoTEventsFullAccess" 172 | public static readonly AWS_IOT_EVENTS_READ_ONLY_ACCESS = "AWSIoTEventsReadOnlyAccess" 173 | public static readonly AWS_IOT_FULL_ACCESS = "AWSIoTFullAccess" 174 | public static readonly AWS_IOT_LOGGING = "service-role/AWSIoTLogging" 175 | public static readonly AWS_IOTOTA_UPDATE = "service-role/AWSIoTOTAUpdate" 176 | public static readonly AWS_IOT_RULE_ACTIONS = "service-role/AWSIoTRuleActions" 177 | public static readonly AWS_IOT_SITE_WISE_CONSOLE_FULL_ACCESS = "AWSIoTSiteWiseConsoleFullAccess" 178 | public static readonly AWS_IOT_SITE_WISE_FULL_ACCESS = "AWSIoTSiteWiseFullAccess" 179 | public static readonly AWS_IOT_SITE_WISE_MONITOR_SERVICE_ROLE_POLICY = "aws-service-role/AWSIoTSiteWiseMonitorServiceRolePolicy" 180 | public static readonly AWS_IOT_SITE_WISE_READ_ONLY_ACCESS = "AWSIoTSiteWiseReadOnlyAccess" 181 | public static readonly AWS_IOT_THINGS_REGISTRATION = "service-role/AWSIoTThingsRegistration" 182 | public static readonly AWS_KEY_MANAGEMENT_SERVICE_CUSTOM_KEY_STORES_SERVICE_ROLE_POLICY = "aws-service-role/AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy" 183 | public static readonly AWS_KEY_MANAGEMENT_SERVICE_POWER_USER = "AWSKeyManagementServicePowerUser" 184 | public static readonly AWS_LAKE_FORMATION_DATA_ADMIN = "AWSLakeFormationDataAdmin" 185 | public static readonly AWS_LAMBDA_BASIC_EXECUTION_ROLE = "service-role/AWSLambdaBasicExecutionRole" 186 | public static readonly AWS_LAMBDA_DYNAMO_DB_EXECUTION_ROLE = "service-role/AWSLambdaDynamoDBExecutionRole" 187 | public static readonly AWS_LAMBDA_ENI_MANAGEMENT_ACCESS = "service-role/AWSLambdaENIManagementAccess" 188 | public static readonly AWS_LAMBDA_EXECUTE = "AWSLambdaExecute" 189 | public static readonly AWS_LAMBDA_FULL_ACCESS = "AWSLambda_FullAccess" 190 | public static readonly AWS_LAMBDA_INVOCATION_DYNAMO_DB = "AWSLambdaInvocation-DynamoDB" 191 | public static readonly AWS_LAMBDA_KINESIS_EXECUTION_ROLE = "service-role/AWSLambdaKinesisExecutionRole" 192 | public static readonly AWS_LAMBDA_READ_ONLY_ACCESS = "AWSLambda_ReadOnlyAccess" 193 | public static readonly AWS_LAMBDA_REPLICATOR = "aws-service-role/AWSLambdaReplicator" 194 | public static readonly AWS_LAMBDA_ROLE = "service-role/AWSLambdaRole" 195 | public static readonly AWS_LAMBDA_SQS_QUEUE_EXECUTION_ROLE = "service-role/AWSLambdaSQSQueueExecutionRole" 196 | public static readonly AWS_LAMBDA_VPC_ACCESS_EXECUTION_ROLE = "service-role/AWSLambdaVPCAccessExecutionRole" 197 | public static readonly AWS_LICENSE_MANAGER_MASTER_ACCOUNT_ROLE_POLICY = "aws-service-role/AWSLicenseManagerMasterAccountRolePolicy" 198 | public static readonly AWS_LICENSE_MANAGER_MEMBER_ACCOUNT_ROLE_POLICY = "aws-service-role/AWSLicenseManagerMemberAccountRolePolicy" 199 | public static readonly AWS_LICENSE_MANAGER_SERVICE_ROLE_POLICY = "aws-service-role/AWSLicenseManagerServiceRolePolicy" 200 | public static readonly AWS_MARKETPLACE_FULL_ACCESS = "AWSMarketplaceFullAccess" 201 | public static readonly AWS_MARKETPLACE_GET_ENTITLEMENTS = "AWSMarketplaceGetEntitlements" 202 | public static readonly AWS_MARKETPLACE_IMAGE_BUILD_FULL_ACCESS = "AWSMarketplaceImageBuildFullAccess" 203 | public static readonly AWS_MARKETPLACE_MANAGE_SUBSCRIPTIONS = "AWSMarketplaceManageSubscriptions" 204 | public static readonly AWS_MARKETPLACE_METERING_FULL_ACCESS = "AWSMarketplaceMeteringFullAccess" 205 | public static readonly AWS_MARKETPLACE_METERING_REGISTER_USAGE = "AWSMarketplaceMeteringRegisterUsage" 206 | public static readonly AWS_MARKETPLACE_PROCUREMENT_SYSTEM_ADMIN_FULL_ACCESS = "AWSMarketplaceProcurementSystemAdminFullAccess" 207 | public static readonly AWS_MARKETPLACE_READ_ONLY = "AWSMarketplaceRead-only" 208 | public static readonly AWS_MARKETPLACE_SELLER_FULL_ACCESS = "AWSMarketplaceSellerFullAccess" 209 | public static readonly AWS_MARKETPLACE_SELLER_PRODUCTS_FULL_ACCESS = "AWSMarketplaceSellerProductsFullAccess" 210 | public static readonly AWS_MARKETPLACE_SELLER_PRODUCTS_READ_ONLY = "AWSMarketplaceSellerProductsReadOnly" 211 | public static readonly AWS_MIGRATION_HUB_DMS_ACCESS = "service-role/AWSMigrationHubDMSAccess" 212 | public static readonly AWS_MIGRATION_HUB_DISCOVERY_ACCESS = "service-role/AWSMigrationHubDiscoveryAccess" 213 | public static readonly AWS_MIGRATION_HUB_FULL_ACCESS = "AWSMigrationHubFullAccess" 214 | public static readonly AWS_MIGRATION_HUB_SMS_ACCESS = "service-role/AWSMigrationHubSMSAccess" 215 | public static readonly AWS_MOBILE_HUB_FULL_ACCESS = "AWSMobileHub_FullAccess" 216 | public static readonly AWS_MOBILE_HUB_READ_ONLY = "AWSMobileHub_ReadOnly" 217 | public static readonly AWS_NETWORK_MANAGER_FULL_ACCESS = "AWSNetworkManagerFullAccess" 218 | public static readonly AWS_NETWORK_MANAGER_READ_ONLY_ACCESS = "AWSNetworkManagerReadOnlyAccess" 219 | public static readonly AWS_NETWORK_MANAGER_SERVICE_ROLE_POLICY = "aws-service-role/AWSNetworkManagerServiceRolePolicy" 220 | public static readonly AWS_OPS_WORKS_CM_INSTANCE_PROFILE_ROLE = "AWSOpsWorksCMInstanceProfileRole" 221 | public static readonly AWS_OPS_WORKS_CM_SERVICE_ROLE = "service-role/AWSOpsWorksCMServiceRole" 222 | public static readonly AWS_OPS_WORKS_CLOUD_WATCH_LOGS = "AWSOpsWorksCloudWatchLogs" 223 | public static readonly AWS_OPS_WORKS_FULL_ACCESS = "AWSOpsWorksFullAccess" 224 | public static readonly AWS_OPS_WORKS_INSTANCE_REGISTRATION = "AWSOpsWorksInstanceRegistration" 225 | public static readonly AWS_OPS_WORKS_REGISTER_CLI_EC2 = "AWSOpsWorksRegisterCLI_EC2" 226 | public static readonly AWS_OPS_WORKS_REGISTER_CLI_ON_PREMISES = "AWSOpsWorksRegisterCLI_OnPremises" 227 | public static readonly AWS_OPS_WORKS_ROLE = "service-role/AWSOpsWorksRole" 228 | public static readonly AWS_ORGANIZATIONS_FULL_ACCESS = "AWSOrganizationsFullAccess" 229 | public static readonly AWS_ORGANIZATIONS_READ_ONLY_ACCESS = "AWSOrganizationsReadOnlyAccess" 230 | public static readonly AWS_ORGANIZATIONS_SERVICE_TRUST_POLICY = "aws-service-role/AWSOrganizationsServiceTrustPolicy" 231 | public static readonly AWS_PRICE_LIST_SERVICE_FULL_ACCESS = "AWSPriceListServiceFullAccess" 232 | public static readonly AWS_PRIVATE_MARKETPLACE_ADMIN_FULL_ACCESS = "AWSPrivateMarketplaceAdminFullAccess" 233 | public static readonly AWS_PRIVATE_MARKETPLACE_REQUESTS = "AWSPrivateMarketplaceRequests" 234 | public static readonly AWS_QUICK_SIGHT_DESCRIBE_RDS = "service-role/AWSQuickSightDescribeRDS" 235 | public static readonly AWS_QUICK_SIGHT_DESCRIBE_REDSHIFT = "service-role/AWSQuickSightDescribeRedshift" 236 | public static readonly AWS_QUICK_SIGHT_IOT_ANALYTICS_ACCESS = "AWSQuickSightIoTAnalyticsAccess" 237 | public static readonly AWS_QUICK_SIGHT_LIST_IAM = "service-role/AWSQuickSightListIAM" 238 | public static readonly AWS_QUICKSIGHT_ATHENA_ACCESS = "service-role/AWSQuicksightAthenaAccess" 239 | public static readonly AWS_RESOURCE_ACCESS_MANAGER_FULL_ACCESS = "AWSResourceAccessManagerFullAccess" 240 | public static readonly AWS_RESOURCE_ACCESS_MANAGER_READ_ONLY_ACCESS = "AWSResourceAccessManagerReadOnlyAccess" 241 | public static readonly AWS_RESOURCE_ACCESS_MANAGER_RESOURCE_SHARE_PARTICIPANT_ACCESS = "AWSResourceAccessManagerResourceShareParticipantAccess" 242 | public static readonly AWS_RESOURCE_ACCESS_MANAGER_SERVICE_ROLE_POLICY = "aws-service-role/AWSResourceAccessManagerServiceRolePolicy" 243 | public static readonly AWS_RESOURCE_GROUPS_READ_ONLY_ACCESS = "AWSResourceGroupsReadOnlyAccess" 244 | public static readonly AWS_ROBO_MAKER_FULL_ACCESS = "AWSRoboMakerFullAccess" 245 | public static readonly AWS_ROBO_MAKER_READ_ONLY_ACCESS = "AWSRoboMakerReadOnlyAccess" 246 | public static readonly AWS_ROBO_MAKER_SERVICE_POLICY = "aws-service-role/AWSRoboMakerServicePolicy" 247 | public static readonly AWS_ROBO_MAKER_SERVICE_ROLE_POLICY = "AWSRoboMakerServiceRolePolicy" 248 | public static readonly AWSSSO_DIRECTORY_ADMINISTRATOR = "AWSSSODirectoryAdministrator" 249 | public static readonly AWSSSO_DIRECTORY_READ_ONLY = "AWSSSODirectoryReadOnly" 250 | public static readonly AWSSSO_MASTER_ACCOUNT_ADMINISTRATOR = "AWSSSOMasterAccountAdministrator" 251 | public static readonly AWSSSO_MEMBER_ACCOUNT_ADMINISTRATOR = "AWSSSOMemberAccountAdministrator" 252 | public static readonly AWSSSO_READ_ONLY = "AWSSSOReadOnly" 253 | public static readonly AWSSSO_SERVICE_ROLE_POLICY = "aws-service-role/AWSSSOServiceRolePolicy" 254 | public static readonly AWS_SAVINGS_PLANS_FULL_ACCESS = "AWSSavingsPlansFullAccess" 255 | public static readonly AWS_SAVINGS_PLANS_READ_ONLY_ACCESS = "AWSSavingsPlansReadOnlyAccess" 256 | public static readonly AWS_SECURITY_HUB_FULL_ACCESS = "AWSSecurityHubFullAccess" 257 | public static readonly AWS_SECURITY_HUB_READ_ONLY_ACCESS = "AWSSecurityHubReadOnlyAccess" 258 | public static readonly AWS_SECURITY_HUB_SERVICE_ROLE_POLICY = "aws-service-role/AWSSecurityHubServiceRolePolicy" 259 | public static readonly AWS_SERVICE_CATALOG_ADMIN_FULL_ACCESS = "AWSServiceCatalogAdminFullAccess" 260 | public static readonly AWS_SERVICE_CATALOG_ADMIN_READ_ONLY_ACCESS = "AWSServiceCatalogAdminReadOnlyAccess" 261 | public static readonly AWS_SERVICE_CATALOG_END_USER_FULL_ACCESS = "AWSServiceCatalogEndUserFullAccess" 262 | public static readonly AWS_SERVICE_CATALOG_END_USER_READ_ONLY_ACCESS = "AWSServiceCatalogEndUserReadOnlyAccess" 263 | public static readonly AWS_SERVICE_ROLE_FOR_AMAZON_EKS_NODEGROUP = "aws-service-role/AWSServiceRoleForAmazonEKSNodegroup" 264 | public static readonly AWS_SERVICE_ROLE_FOR_EC2_SCHEDULED_INSTANCES = "aws-service-role/AWSServiceRoleForEC2ScheduledInstances" 265 | public static readonly AWS_SERVICE_ROLE_FOR_IMAGE_BUILDER = "aws-service-role/AWSServiceRoleForImageBuilder" 266 | public static readonly AWS_SERVICE_ROLE_FOR_IOT_SITE_WISE = "aws-service-role/AWSServiceRoleForIoTSiteWise" 267 | public static readonly AWS_SERVICE_ROLE_FOR_LOG_DELIVERY_POLICY = "aws-service-role/AWSServiceRoleForLogDeliveryPolicy" 268 | public static readonly AWS_SERVICE_ROLE_FOR_SMS = "aws-service-role/AWSServiceRoleForSMS" 269 | public static readonly AWS_SHIELD_DRT_ACCESS_POLICY = "service-role/AWSShieldDRTAccessPolicy" 270 | public static readonly AWS_STEP_FUNCTIONS_CONSOLE_FULL_ACCESS = "AWSStepFunctionsConsoleFullAccess" 271 | public static readonly AWS_STEP_FUNCTIONS_FULL_ACCESS = "AWSStepFunctionsFullAccess" 272 | public static readonly AWS_STEP_FUNCTIONS_READ_ONLY_ACCESS = "AWSStepFunctionsReadOnlyAccess" 273 | public static readonly AWS_STORAGE_GATEWAY_FULL_ACCESS = "AWSStorageGatewayFullAccess" 274 | public static readonly AWS_STORAGE_GATEWAY_READ_ONLY_ACCESS = "AWSStorageGatewayReadOnlyAccess" 275 | public static readonly AWS_SUPPORT_ACCESS = "AWSSupportAccess" 276 | public static readonly AWS_SUPPORT_SERVICE_ROLE_POLICY = "aws-service-role/AWSSupportServiceRolePolicy" 277 | public static readonly AWS_SYSTEMS_MANAGER_ACCOUNT_DISCOVERY_SERVICE_POLICY = "aws-service-role/AWSSystemsManagerAccountDiscoveryServicePolicy" 278 | public static readonly AWS_TRANSFER_LOGGING_ACCESS = "service-role/AWSTransferLoggingAccess" 279 | public static readonly AWS_TRUSTED_ADVISOR_REPORTING_SERVICE_ROLE_POLICY = "aws-service-role/AWSTrustedAdvisorReportingServiceRolePolicy" 280 | public static readonly AWS_TRUSTED_ADVISOR_SERVICE_ROLE_POLICY = "aws-service-role/AWSTrustedAdvisorServiceRolePolicy" 281 | public static readonly AWSVPCS_2_S_VPN_SERVICE_ROLE_POLICY = "aws-service-role/AWSVPCS2SVpnServiceRolePolicy" 282 | public static readonly AWSVPC_TRANSIT_GATEWAY_SERVICE_ROLE_POLICY = "aws-service-role/AWSVPCTransitGatewayServiceRolePolicy" 283 | public static readonly AWSWAF_FULL_ACCESS = "AWSWAFFullAccess" 284 | public static readonly AWSWAF_READ_ONLY_ACCESS = "AWSWAFReadOnlyAccess" 285 | public static readonly AWSX_RAY_DAEMON_WRITE_ACCESS = "AWSXRayDaemonWriteAccess" 286 | public static readonly AWS_XRAY_FULL_ACCESS = "AWSXrayFullAccess" 287 | public static readonly AWS_XRAY_READ_ONLY_ACCESS = "AWSXrayReadOnlyAccess" 288 | public static readonly AWS_XRAY_WRITE_ONLY_ACCESS = "AWSXrayWriteOnlyAccess" 289 | public static readonly ACCESS_ANALYZER_SERVICE_ROLE_POLICY = "aws-service-role/AccessAnalyzerServiceRolePolicy" 290 | public static readonly ADMINISTRATOR_ACCESS = "AdministratorAccess" 291 | public static readonly ALEXA_FOR_BUSINESS_DEVICE_SETUP = "AlexaForBusinessDeviceSetup" 292 | public static readonly ALEXA_FOR_BUSINESS_FULL_ACCESS = "AlexaForBusinessFullAccess" 293 | public static readonly ALEXA_FOR_BUSINESS_GATEWAY_EXECUTION = "AlexaForBusinessGatewayExecution" 294 | public static readonly ALEXA_FOR_BUSINESS_NETWORK_PROFILE_SERVICE_POLICY = "aws-service-role/AlexaForBusinessNetworkProfileServicePolicy" 295 | public static readonly ALEXA_FOR_BUSINESS_POLY_DELEGATED_ACCESS_POLICY = "AlexaForBusinessPolyDelegatedAccessPolicy" 296 | public static readonly ALEXA_FOR_BUSINESS_READ_ONLY_ACCESS = "AlexaForBusinessReadOnlyAccess" 297 | public static readonly AMAZON_API_GATEWAY_ADMINISTRATOR = "AmazonAPIGatewayAdministrator" 298 | public static readonly AMAZON_API_GATEWAY_INVOKE_FULL_ACCESS = "AmazonAPIGatewayInvokeFullAccess" 299 | public static readonly AMAZON_API_GATEWAY_PUSH_TO_CLOUD_WATCH_LOGS = "service-role/AmazonAPIGatewayPushToCloudWatchLogs" 300 | public static readonly AMAZON_APP_STREAM_FULL_ACCESS = "AmazonAppStreamFullAccess" 301 | public static readonly AMAZON_APP_STREAM_READ_ONLY_ACCESS = "AmazonAppStreamReadOnlyAccess" 302 | public static readonly AMAZON_APP_STREAM_SERVICE_ACCESS = "service-role/AmazonAppStreamServiceAccess" 303 | public static readonly AMAZON_ATHENA_FULL_ACCESS = "AmazonAthenaFullAccess" 304 | public static readonly AMAZON_AUGMENTED_AI_FULL_ACCESS = "AmazonAugmentedAIFullAccess" 305 | public static readonly AMAZON_AUGMENTED_AI_HUMAN_LOOP_FULL_ACCESS = "AmazonAugmentedAIHumanLoopFullAccess" 306 | public static readonly AMAZON_CHIME_FULL_ACCESS = "AmazonChimeFullAccess" 307 | public static readonly AMAZON_CHIME_READ_ONLY = "AmazonChimeReadOnly" 308 | public static readonly AMAZON_CHIME_SERVICE_ROLE_POLICY = "aws-service-role/AmazonChimeServiceRolePolicy" 309 | public static readonly AMAZON_CHIME_USER_MANAGEMENT = "AmazonChimeUserManagement" 310 | public static readonly AMAZON_CHIME_VOICE_CONNECTOR_SERVICE_LINKED_ROLE_POLICY = "aws-service-role/AmazonChimeVoiceConnectorServiceLinkedRolePolicy" 311 | public static readonly AMAZON_CLOUD_DIRECTORY_FULL_ACCESS = "AmazonCloudDirectoryFullAccess" 312 | public static readonly AMAZON_CLOUD_DIRECTORY_READ_ONLY_ACCESS = "AmazonCloudDirectoryReadOnlyAccess" 313 | public static readonly AMAZON_CODE_GURU_PROFILER_FULL_ACCESS = "AmazonCodeGuruProfilerFullAccess" 314 | public static readonly AMAZON_CODE_GURU_PROFILER_READ_ONLY_ACCESS = "AmazonCodeGuruProfilerReadOnlyAccess" 315 | public static readonly AMAZON_CODE_GURU_REVIEWER_FULL_ACCESS = "AmazonCodeGuruReviewerFullAccess" 316 | public static readonly AMAZON_CODE_GURU_REVIEWER_READ_ONLY_ACCESS = "AmazonCodeGuruReviewerReadOnlyAccess" 317 | public static readonly AMAZON_CODE_GURU_REVIEWER_SERVICE_ROLE_POLICY = "aws-service-role/AmazonCodeGuruReviewerServiceRolePolicy" 318 | public static readonly AMAZON_COGNITO_DEVELOPER_AUTHENTICATED_IDENTITIES = "AmazonCognitoDeveloperAuthenticatedIdentities" 319 | public static readonly AMAZON_COGNITO_IDP_EMAIL_SERVICE_ROLE_POLICY = "aws-service-role/AmazonCognitoIdpEmailServiceRolePolicy" 320 | public static readonly AMAZON_COGNITO_POWER_USER = "AmazonCognitoPowerUser" 321 | public static readonly AMAZON_COGNITO_READ_ONLY = "AmazonCognitoReadOnly" 322 | public static readonly AMAZON_CONNECT_FULL_ACCESS = "AmazonConnectFullAccess" 323 | public static readonly AMAZON_CONNECT_READ_ONLY_ACCESS = "AmazonConnectReadOnlyAccess" 324 | public static readonly AMAZON_CONNECT_SERVICE_LINKED_ROLE_POLICY = "aws-service-role/AmazonConnectServiceLinkedRolePolicy" 325 | public static readonly AMAZON_DMS_CLOUD_WATCH_LOGS_ROLE = "service-role/AmazonDMSCloudWatchLogsRole" 326 | public static readonly AMAZON_DMS_REDSHIFT_S3_ROLE = "service-role/AmazonDMSRedshiftS3Role" 327 | public static readonly AMAZON_DMSVPC_MANAGEMENT_ROLE = "service-role/AmazonDMSVPCManagementRole" 328 | public static readonly AMAZON_DRSVPC_MANAGEMENT = "AmazonDRSVPCManagement" 329 | public static readonly AMAZON_DOC_DB_CONSOLE_FULL_ACCESS = "AmazonDocDBConsoleFullAccess" 330 | public static readonly AMAZON_DOC_DB_FULL_ACCESS = "AmazonDocDBFullAccess" 331 | public static readonly AMAZON_DOC_DB_READ_ONLY_ACCESS = "AmazonDocDBReadOnlyAccess" 332 | public static readonly AMAZON_DYNAMO_DB_FULL_ACCESS = "AmazonDynamoDBFullAccess" 333 | public static readonly AMAZON_DYNAMO_DB_FULL_ACCESSWITH_DATA_PIPELINE = "AmazonDynamoDBFullAccesswithDataPipeline" 334 | public static readonly AMAZON_DYNAMO_DB_READ_ONLY_ACCESS = "AmazonDynamoDBReadOnlyAccess" 335 | public static readonly AMAZON_EC2_CONTAINER_REGISTRY_FULL_ACCESS = "AmazonEC2ContainerRegistryFullAccess" 336 | public static readonly AMAZON_EC2_CONTAINER_REGISTRY_POWER_USER = "AmazonEC2ContainerRegistryPowerUser" 337 | public static readonly AMAZON_EC2_CONTAINER_REGISTRY_READ_ONLY = "AmazonEC2ContainerRegistryReadOnly" 338 | public static readonly AMAZON_EC2_CONTAINER_SERVICE_AUTOSCALE_ROLE = "service-role/AmazonEC2ContainerServiceAutoscaleRole" 339 | public static readonly AMAZON_EC2_CONTAINER_SERVICE_EVENTS_ROLE = "service-role/AmazonEC2ContainerServiceEventsRole" 340 | public static readonly AMAZON_EC2_CONTAINER_SERVICE_FULL_ACCESS = "AmazonEC2ContainerServiceFullAccess" 341 | public static readonly AMAZON_EC2_CONTAINER_SERVICE_ROLE = "service-role/AmazonEC2ContainerServiceRole" 342 | public static readonly AMAZON_EC2_CONTAINER_SERVICEFOR_EC_2_ROLE = "service-role/AmazonEC2ContainerServiceforEC2Role" 343 | public static readonly AMAZON_EC2_FULL_ACCESS = "AmazonEC2FullAccess" 344 | public static readonly AMAZON_EC2_READ_ONLY_ACCESS = "AmazonEC2ReadOnlyAccess" 345 | public static readonly AMAZON_EC2_REPORTS_ACCESS = "AmazonEC2ReportsAccess" 346 | public static readonly AMAZON_EC2_ROLE_POLICY_FOR_LAUNCH_WIZARD = "AmazonEC2RolePolicyForLaunchWizard" 347 | public static readonly AMAZON_EC2_ROLEFOR_AWS_CODE_DEPLOY = "service-role/AmazonEC2RoleforAWSCodeDeploy" 348 | public static readonly AMAZON_EC2_ROLEFOR_DATA_PIPELINE_ROLE = "service-role/AmazonEC2RoleforDataPipelineRole" 349 | public static readonly AMAZON_EC2_ROLEFOR_SSM = "service-role/AmazonEC2RoleforSSM" 350 | public static readonly AMAZON_EC2_SPOT_FLEET_AUTOSCALE_ROLE = "service-role/AmazonEC2SpotFleetAutoscaleRole" 351 | public static readonly AMAZON_EC2_SPOT_FLEET_TAGGING_ROLE = "service-role/AmazonEC2SpotFleetTaggingRole" 352 | public static readonly AMAZON_ECS_SERVICE_ROLE_POLICY = "aws-service-role/AmazonECSServiceRolePolicy" 353 | public static readonly AMAZON_ECS_TASK_EXECUTION_ROLE_POLICY = "service-role/AmazonECSTaskExecutionRolePolicy" 354 | public static readonly AMAZON_ECS_FULL_ACCESS = "AmazonECS_FullAccess" 355 | public static readonly AMAZON_EKS_CLUSTER_POLICY = "AmazonEKSClusterPolicy" 356 | public static readonly AMAZON_EKS_FARGATE_POD_EXECUTION_ROLE_POLICY = "AmazonEKSFargatePodExecutionRolePolicy" 357 | public static readonly AMAZON_EKS_FOR_FARGATE_SERVICE_ROLE_POLICY = "aws-service-role/AmazonEKSForFargateServiceRolePolicy" 358 | public static readonly AMAZON_EKS_SERVICE_POLICY = "AmazonEKSServicePolicy" 359 | public static readonly AMAZON_EKS_WORKER_NODE_POLICY = "AmazonEKSWorkerNodePolicy" 360 | public static readonly AMAZON_EKS_CNI_POLICY = "AmazonEKS_CNI_Policy" 361 | public static readonly AMAZON_EMR_CLEANUP_POLICY = "aws-service-role/AmazonEMRCleanupPolicy" 362 | public static readonly AMAZON_ES_COGNITO_ACCESS = "AmazonESCognitoAccess" 363 | public static readonly AMAZON_ES_FULL_ACCESS = "AmazonESFullAccess" 364 | public static readonly AMAZON_ES_READ_ONLY_ACCESS = "AmazonESReadOnlyAccess" 365 | public static readonly AMAZON_ELASTI_CACHE_FULL_ACCESS = "AmazonElastiCacheFullAccess" 366 | public static readonly AMAZON_ELASTI_CACHE_READ_ONLY_ACCESS = "AmazonElastiCacheReadOnlyAccess" 367 | public static readonly AMAZON_ELASTIC_FILE_SYSTEM_FULL_ACCESS = "AmazonElasticFileSystemFullAccess" 368 | public static readonly AMAZON_ELASTIC_FILE_SYSTEM_READ_ONLY_ACCESS = "AmazonElasticFileSystemReadOnlyAccess" 369 | public static readonly AMAZON_ELASTIC_FILE_SYSTEM_SERVICE_ROLE_POLICY = "aws-service-role/AmazonElasticFileSystemServiceRolePolicy" 370 | public static readonly AMAZON_ELASTIC_MAP_REDUCE_EDITORS_ROLE = "service-role/AmazonElasticMapReduceEditorsRole" 371 | public static readonly AMAZON_ELASTIC_MAP_REDUCE_FULL_ACCESS = "AmazonElasticMapReduceFullAccess" 372 | public static readonly AMAZON_ELASTIC_MAP_REDUCE_READ_ONLY_ACCESS = "AmazonElasticMapReduceReadOnlyAccess" 373 | public static readonly AMAZON_ELASTIC_MAP_REDUCE_ROLE = "service-role/AmazonElasticMapReduceRole" 374 | public static readonly AMAZON_ELASTIC_MAP_REDUCEFOR_AUTO_SCALING_ROLE = "service-role/AmazonElasticMapReduceforAutoScalingRole" 375 | public static readonly AMAZON_ELASTIC_MAP_REDUCEFOR_EC2_ROLE = "service-role/AmazonElasticMapReduceforEC2Role" 376 | public static readonly AMAZON_ELASTIC_TRANSCODER_ROLE = "service-role/AmazonElasticTranscoderRole" 377 | public static readonly AMAZON_ELASTIC_TRANSCODER_FULL_ACCESS = "AmazonElasticTranscoder_FullAccess" 378 | public static readonly AMAZON_ELASTIC_TRANSCODER_JOBS_SUBMITTER = "AmazonElasticTranscoder_JobsSubmitter" 379 | public static readonly AMAZON_ELASTIC_TRANSCODER_READ_ONLY_ACCESS = "AmazonElasticTranscoder_ReadOnlyAccess" 380 | public static readonly AMAZON_ELASTICSEARCH_SERVICE_ROLE_POLICY = "aws-service-role/AmazonElasticsearchServiceRolePolicy" 381 | public static readonly AMAZON_EVENT_BRIDGE_FULL_ACCESS = "AmazonEventBridgeFullAccess" 382 | public static readonly AMAZON_EVENT_BRIDGE_READ_ONLY_ACCESS = "AmazonEventBridgeReadOnlyAccess" 383 | public static readonly AMAZON_EVENT_BRIDGE_SCHEMAS_FULL_ACCESS = "AmazonEventBridgeSchemasFullAccess" 384 | public static readonly AMAZON_EVENT_BRIDGE_SCHEMAS_READ_ONLY_ACCESS = "AmazonEventBridgeSchemasReadOnlyAccess" 385 | public static readonly AMAZON_EVENT_BRIDGE_SCHEMAS_SERVICE_ROLE_POLICY = "aws-service-role/AmazonEventBridgeSchemasServiceRolePolicy" 386 | public static readonly AMAZON_F_SX_CONSOLE_FULL_ACCESS = "AmazonFSxConsoleFullAccess" 387 | public static readonly AMAZON_F_SX_CONSOLE_READ_ONLY_ACCESS = "AmazonFSxConsoleReadOnlyAccess" 388 | public static readonly AMAZON_F_SX_FULL_ACCESS = "AmazonFSxFullAccess" 389 | public static readonly AMAZON_F_SX_READ_ONLY_ACCESS = "AmazonFSxReadOnlyAccess" 390 | public static readonly AMAZON_F_SX_SERVICE_ROLE_POLICY = "aws-service-role/AmazonFSxServiceRolePolicy" 391 | public static readonly AMAZON_FORECAST_FULL_ACCESS = "AmazonForecastFullAccess" 392 | public static readonly AMAZON_FRAUD_DETECTOR_FULL_ACCESS_POLICY = "AmazonFraudDetectorFullAccessPolicy" 393 | public static readonly AMAZON_FREE_RTOS_FULL_ACCESS = "AmazonFreeRTOSFullAccess" 394 | public static readonly AMAZON_FREE_RTOSOTA_UPDATE = "service-role/AmazonFreeRTOSOTAUpdate" 395 | public static readonly AMAZON_GLACIER_FULL_ACCESS = "AmazonGlacierFullAccess" 396 | public static readonly AMAZON_GLACIER_READ_ONLY_ACCESS = "AmazonGlacierReadOnlyAccess" 397 | public static readonly AMAZON_GUARD_DUTY_FULL_ACCESS = "AmazonGuardDutyFullAccess" 398 | public static readonly AMAZON_GUARD_DUTY_READ_ONLY_ACCESS = "AmazonGuardDutyReadOnlyAccess" 399 | public static readonly AMAZON_GUARD_DUTY_SERVICE_ROLE_POLICY = "aws-service-role/AmazonGuardDutyServiceRolePolicy" 400 | public static readonly AMAZON_INSPECTOR_FULL_ACCESS = "AmazonInspectorFullAccess" 401 | public static readonly AMAZON_INSPECTOR_READ_ONLY_ACCESS = "AmazonInspectorReadOnlyAccess" 402 | public static readonly AMAZON_INSPECTOR_SERVICE_ROLE_POLICY = "aws-service-role/AmazonInspectorServiceRolePolicy" 403 | public static readonly AMAZON_KENDRA_FULL_ACCESS = "AmazonKendraFullAccess" 404 | public static readonly AMAZON_KENDRA_READ_ONLY_ACCESS = "AmazonKendraReadOnlyAccess" 405 | public static readonly AMAZON_KINESIS_ANALYTICS_FULL_ACCESS = "AmazonKinesisAnalyticsFullAccess" 406 | public static readonly AMAZON_KINESIS_ANALYTICS_READ_ONLY = "AmazonKinesisAnalyticsReadOnly" 407 | public static readonly AMAZON_KINESIS_FIREHOSE_FULL_ACCESS = "AmazonKinesisFirehoseFullAccess" 408 | public static readonly AMAZON_KINESIS_FIREHOSE_READ_ONLY_ACCESS = "AmazonKinesisFirehoseReadOnlyAccess" 409 | public static readonly AMAZON_KINESIS_FULL_ACCESS = "AmazonKinesisFullAccess" 410 | public static readonly AMAZON_KINESIS_READ_ONLY_ACCESS = "AmazonKinesisReadOnlyAccess" 411 | public static readonly AMAZON_KINESIS_VIDEO_STREAMS_FULL_ACCESS = "AmazonKinesisVideoStreamsFullAccess" 412 | public static readonly AMAZON_KINESIS_VIDEO_STREAMS_READ_ONLY_ACCESS = "AmazonKinesisVideoStreamsReadOnlyAccess" 413 | public static readonly AMAZON_LAUNCH_WIZARD_FULLACCESS = "AmazonLaunchWizardFullaccess" 414 | public static readonly AMAZON_LEX_FULL_ACCESS = "AmazonLexFullAccess" 415 | public static readonly AMAZON_LEX_READ_ONLY = "AmazonLexReadOnly" 416 | public static readonly AMAZON_LEX_RUN_BOTS_ONLY = "AmazonLexRunBotsOnly" 417 | public static readonly AMAZON_MCS_FULL_ACCESS = "AmazonMCSFullAccess" 418 | public static readonly AMAZON_MCS_READ_ONLY_ACCESS = "AmazonMCSReadOnlyAccess" 419 | public static readonly AMAZON_MQ_API_FULL_ACCESS = "AmazonMQApiFullAccess" 420 | public static readonly AMAZON_MQ_API_READ_ONLY_ACCESS = "AmazonMQApiReadOnlyAccess" 421 | public static readonly AMAZON_MQ_FULL_ACCESS = "AmazonMQFullAccess" 422 | public static readonly AMAZON_MQ_READ_ONLY_ACCESS = "AmazonMQReadOnlyAccess" 423 | public static readonly AMAZON_MSK_FULL_ACCESS = "AmazonMSKFullAccess" 424 | public static readonly AMAZON_MSK_READ_ONLY_ACCESS = "AmazonMSKReadOnlyAccess" 425 | public static readonly AMAZON_MACHINE_LEARNING_BATCH_PREDICTIONS_ACCESS = "AmazonMachineLearningBatchPredictionsAccess" 426 | public static readonly AMAZON_MACHINE_LEARNING_CREATE_ONLY_ACCESS = "AmazonMachineLearningCreateOnlyAccess" 427 | public static readonly AMAZON_MACHINE_LEARNING_FULL_ACCESS = "AmazonMachineLearningFullAccess" 428 | public static readonly AMAZON_MACHINE_LEARNING_MANAGE_REAL_TIME_ENDPOINT_ONLY_ACCESS = "AmazonMachineLearningManageRealTimeEndpointOnlyAccess" 429 | public static readonly AMAZON_MACHINE_LEARNING_READ_ONLY_ACCESS = "AmazonMachineLearningReadOnlyAccess" 430 | public static readonly AMAZON_MACHINE_LEARNING_REAL_TIME_PREDICTION_ONLY_ACCESS = "AmazonMachineLearningRealTimePredictionOnlyAccess" 431 | public static readonly AMAZON_MACHINE_LEARNING_ROLEFOR_REDSHIFT_DATA_SOURCE_V_2 = "service-role/AmazonMachineLearningRoleforRedshiftDataSourceV2" 432 | public static readonly AMAZON_MACIE_FULL_ACCESS = "AmazonMacieFullAccess" 433 | public static readonly AMAZON_MACIE_HANDSHAKE_ROLE = "service-role/AmazonMacieHandshakeRole" 434 | public static readonly AMAZON_MACIE_SERVICE_ROLE = "service-role/AmazonMacieServiceRole" 435 | public static readonly AMAZON_MACIE_SERVICE_ROLE_POLICY = "aws-service-role/AmazonMacieServiceRolePolicy" 436 | public static readonly AMAZON_MACIE_SETUP_ROLE = "service-role/AmazonMacieSetupRole" 437 | public static readonly AMAZON_MANAGED_BLOCKCHAIN_CONSOLE_FULL_ACCESS = "AmazonManagedBlockchainConsoleFullAccess" 438 | public static readonly AMAZON_MANAGED_BLOCKCHAIN_FULL_ACCESS = "AmazonManagedBlockchainFullAccess" 439 | public static readonly AMAZON_MANAGED_BLOCKCHAIN_READ_ONLY_ACCESS = "AmazonManagedBlockchainReadOnlyAccess" 440 | public static readonly AMAZON_MECHANICAL_TURK_FULL_ACCESS = "AmazonMechanicalTurkFullAccess" 441 | public static readonly AMAZON_MECHANICAL_TURK_READ_ONLY = "AmazonMechanicalTurkReadOnly" 442 | public static readonly AMAZON_MOBILE_ANALYTICS_FINANCIAL_REPORT_ACCESS = "AmazonMobileAnalyticsFinancialReportAccess" 443 | public static readonly AMAZON_MOBILE_ANALYTICS_FULL_ACCESS = "AmazonMobileAnalyticsFullAccess" 444 | public static readonly AMAZON_MOBILE_ANALYTICS_NON_FINANCIAL_REPORT_ACCESS = "AmazonMobileAnalyticsNon-financialReportAccess" 445 | public static readonly AMAZON_MOBILE_ANALYTICS_WRITE_ONLY_ACCESS = "AmazonMobileAnalyticsWriteOnlyAccess" 446 | public static readonly AMAZON_PERSONALIZE_FULL_ACCESS = "service-role/AmazonPersonalizeFullAccess" 447 | public static readonly AMAZON_POLLY_FULL_ACCESS = "AmazonPollyFullAccess" 448 | public static readonly AMAZON_POLLY_READ_ONLY_ACCESS = "AmazonPollyReadOnlyAccess" 449 | public static readonly AMAZON_QLDB_CONSOLE_FULL_ACCESS = "AmazonQLDBConsoleFullAccess" 450 | public static readonly AMAZON_QLDB_FULL_ACCESS = "AmazonQLDBFullAccess" 451 | public static readonly AMAZON_QLDB_READ_ONLY = "AmazonQLDBReadOnly" 452 | public static readonly AMAZON_RDS_BETA_SERVICE_ROLE_POLICY = "aws-service-role/AmazonRDSBetaServiceRolePolicy" 453 | public static readonly AMAZON_RDS_DATA_FULL_ACCESS = "AmazonRDSDataFullAccess" 454 | public static readonly AMAZON_RDS_DIRECTORY_SERVICE_ACCESS = "service-role/AmazonRDSDirectoryServiceAccess" 455 | public static readonly AMAZON_RDS_ENHANCED_MONITORING_ROLE = "service-role/AmazonRDSEnhancedMonitoringRole" 456 | public static readonly AMAZON_RDS_FULL_ACCESS = "AmazonRDSFullAccess" 457 | public static readonly AMAZON_RDS_PREVIEW_SERVICE_ROLE_POLICY = "aws-service-role/AmazonRDSPreviewServiceRolePolicy" 458 | public static readonly AMAZON_RDS_READ_ONLY_ACCESS = "AmazonRDSReadOnlyAccess" 459 | public static readonly AMAZON_RDS_SERVICE_ROLE_POLICY = "aws-service-role/AmazonRDSServiceRolePolicy" 460 | public static readonly AMAZON_REDSHIFT_FULL_ACCESS = "AmazonRedshiftFullAccess" 461 | public static readonly AMAZON_REDSHIFT_QUERY_EDITOR = "AmazonRedshiftQueryEditor" 462 | public static readonly AMAZON_REDSHIFT_READ_ONLY_ACCESS = "AmazonRedshiftReadOnlyAccess" 463 | public static readonly AMAZON_REDSHIFT_SERVICE_LINKED_ROLE_POLICY = "aws-service-role/AmazonRedshiftServiceLinkedRolePolicy" 464 | public static readonly AMAZON_REKOGNITION_FULL_ACCESS = "AmazonRekognitionFullAccess" 465 | public static readonly AMAZON_REKOGNITION_READ_ONLY_ACCESS = "AmazonRekognitionReadOnlyAccess" 466 | public static readonly AMAZON_REKOGNITION_SERVICE_ROLE = "service-role/AmazonRekognitionServiceRole" 467 | public static readonly AMAZON_ROUTE_53_AUTO_NAMING_FULL_ACCESS = "AmazonRoute53AutoNamingFullAccess" 468 | public static readonly AMAZON_ROUTE_53_AUTO_NAMING_READ_ONLY_ACCESS = "AmazonRoute53AutoNamingReadOnlyAccess" 469 | public static readonly AMAZON_ROUTE_53_AUTO_NAMING_REGISTRANT_ACCESS = "AmazonRoute53AutoNamingRegistrantAccess" 470 | public static readonly AMAZON_ROUTE_53_DOMAINS_FULL_ACCESS = "AmazonRoute53DomainsFullAccess" 471 | public static readonly AMAZON_ROUTE_53_DOMAINS_READ_ONLY_ACCESS = "AmazonRoute53DomainsReadOnlyAccess" 472 | public static readonly AMAZON_ROUTE_53_FULL_ACCESS = "AmazonRoute53FullAccess" 473 | public static readonly AMAZON_ROUTE_53_READ_ONLY_ACCESS = "AmazonRoute53ReadOnlyAccess" 474 | public static readonly AMAZON_ROUTE_53_RESOLVER_FULL_ACCESS = "AmazonRoute53ResolverFullAccess" 475 | public static readonly AMAZON_ROUTE_53_RESOLVER_READ_ONLY_ACCESS = "AmazonRoute53ResolverReadOnlyAccess" 476 | public static readonly AMAZON_S3_FULL_ACCESS = "AmazonS3FullAccess" 477 | public static readonly AMAZON_S3_READ_ONLY_ACCESS = "AmazonS3ReadOnlyAccess" 478 | public static readonly AMAZON_SES_FULL_ACCESS = "AmazonSESFullAccess" 479 | public static readonly AMAZON_SES_READ_ONLY_ACCESS = "AmazonSESReadOnlyAccess" 480 | public static readonly AMAZON_SNS_FULL_ACCESS = "AmazonSNSFullAccess" 481 | public static readonly AMAZON_SNS_READ_ONLY_ACCESS = "AmazonSNSReadOnlyAccess" 482 | public static readonly AMAZON_SNS_ROLE = "service-role/AmazonSNSRole" 483 | public static readonly AMAZON_SQS_FULL_ACCESS = "AmazonSQSFullAccess" 484 | public static readonly AMAZON_SQS_READ_ONLY_ACCESS = "AmazonSQSReadOnlyAccess" 485 | public static readonly AMAZON_SSM_AUTOMATION_APPROVER_ACCESS = "AmazonSSMAutomationApproverAccess" 486 | public static readonly AMAZON_SSM_AUTOMATION_ROLE = "service-role/AmazonSSMAutomationRole" 487 | public static readonly AMAZON_SSM_DIRECTORY_SERVICE_ACCESS = "AmazonSSMDirectoryServiceAccess" 488 | public static readonly AMAZON_SSM_FULL_ACCESS = "AmazonSSMFullAccess" 489 | public static readonly AMAZON_SSM_MAINTENANCE_WINDOW_ROLE = "service-role/AmazonSSMMaintenanceWindowRole" 490 | public static readonly AMAZON_SSM_MANAGED_INSTANCE_CORE = "AmazonSSMManagedInstanceCore" 491 | public static readonly AMAZON_SSM_READ_ONLY_ACCESS = "AmazonSSMReadOnlyAccess" 492 | public static readonly AMAZON_SSM_SERVICE_ROLE_POLICY = "aws-service-role/AmazonSSMServiceRolePolicy" 493 | public static readonly AMAZON_SAGE_MAKER_FULL_ACCESS = "AmazonSageMakerFullAccess" 494 | public static readonly AMAZON_SAGE_MAKER_MECHANICAL_TURK_ACCESS = "AmazonSageMakerMechanicalTurkAccess" 495 | public static readonly AMAZON_SAGE_MAKER_NOTEBOOKS_SERVICE_ROLE_POLICY = "aws-service-role/AmazonSageMakerNotebooksServiceRolePolicy" 496 | public static readonly AMAZON_SAGE_MAKER_READ_ONLY = "AmazonSageMakerReadOnly" 497 | public static readonly AMAZON_SUMERIAN_FULL_ACCESS = "AmazonSumerianFullAccess" 498 | public static readonly AMAZON_TEXTRACT_FULL_ACCESS = "AmazonTextractFullAccess" 499 | public static readonly AMAZON_TEXTRACT_SERVICE_ROLE = "service-role/AmazonTextractServiceRole" 500 | public static readonly AMAZON_TRANSCRIBE_FULL_ACCESS = "AmazonTranscribeFullAccess" 501 | public static readonly AMAZON_TRANSCRIBE_READ_ONLY_ACCESS = "AmazonTranscribeReadOnlyAccess" 502 | public static readonly AMAZON_VPC_CROSS_ACCOUNT_NETWORK_INTERFACE_OPERATIONS = "AmazonVPCCrossAccountNetworkInterfaceOperations" 503 | public static readonly AMAZON_VPC_FULL_ACCESS = "AmazonVPCFullAccess" 504 | public static readonly AMAZON_VPC_READ_ONLY_ACCESS = "AmazonVPCReadOnlyAccess" 505 | public static readonly AMAZON_WORK_LINK_FULL_ACCESS = "AmazonWorkLinkFullAccess" 506 | public static readonly AMAZON_WORK_LINK_READ_ONLY = "AmazonWorkLinkReadOnly" 507 | public static readonly AMAZON_WORK_LINK_SERVICE_ROLE_POLICY = "aws-service-role/AmazonWorkLinkServiceRolePolicy" 508 | public static readonly AMAZON_WORK_MAIL_EVENTS_SERVICE_ROLE_POLICY = "aws-service-role/AmazonWorkMailEventsServiceRolePolicy" 509 | public static readonly AMAZON_WORK_MAIL_FULL_ACCESS = "AmazonWorkMailFullAccess" 510 | public static readonly AMAZON_WORK_MAIL_READ_ONLY_ACCESS = "AmazonWorkMailReadOnlyAccess" 511 | public static readonly AMAZON_WORK_SPACES_ADMIN = "AmazonWorkSpacesAdmin" 512 | public static readonly AMAZON_WORK_SPACES_APPLICATION_MANAGER_ADMIN_ACCESS = "AmazonWorkSpacesApplicationManagerAdminAccess" 513 | public static readonly AMAZON_WORK_SPACES_SELF_SERVICE_ACCESS = "AmazonWorkSpacesSelfServiceAccess" 514 | public static readonly AMAZON_WORK_SPACES_SERVICE_ACCESS = "AmazonWorkSpacesServiceAccess" 515 | public static readonly AMAZON_ZOCALO_FULL_ACCESS = "AmazonZocaloFullAccess" 516 | public static readonly AMAZON_ZOCALO_READ_ONLY_ACCESS = "AmazonZocaloReadOnlyAccess" 517 | public static readonly APPLICATION_AUTO_SCALING_FOR_AMAZON_APP_STREAM_ACCESS = "service-role/ApplicationAutoScalingForAmazonAppStreamAccess" 518 | public static readonly APPLICATION_DISCOVERY_SERVICE_CONTINUOUS_EXPORT_SERVICE_ROLE_POLICY = "aws-service-role/ApplicationDiscoveryServiceContinuousExportServiceRolePolicy" 519 | public static readonly AUTO_SCALING_CONSOLE_FULL_ACCESS = "AutoScalingConsoleFullAccess" 520 | public static readonly AUTO_SCALING_CONSOLE_READ_ONLY_ACCESS = "AutoScalingConsoleReadOnlyAccess" 521 | public static readonly AUTO_SCALING_FULL_ACCESS = "AutoScalingFullAccess" 522 | public static readonly AUTO_SCALING_NOTIFICATION_ACCESS_ROLE = "service-role/AutoScalingNotificationAccessRole" 523 | public static readonly AUTO_SCALING_READ_ONLY_ACCESS = "AutoScalingReadOnlyAccess" 524 | public static readonly AUTO_SCALING_SERVICE_ROLE_POLICY = "aws-service-role/AutoScalingServiceRolePolicy" 525 | public static readonly BILLING = "job-function/Billing" 526 | public static readonly CLIENT_VPN_SERVICE_ROLE_POLICY = "aws-service-role/ClientVPNServiceRolePolicy" 527 | public static readonly CLOUD_FORMATION_STACK_SETS_ORG_ADMIN_SERVICE_ROLE_POLICY = "aws-service-role/CloudFormationStackSetsOrgAdminServiceRolePolicy" 528 | public static readonly CLOUD_FORMATION_STACK_SETS_ORG_MEMBER_SERVICE_ROLE_POLICY = "aws-service-role/CloudFormationStackSetsOrgMemberServiceRolePolicy" 529 | public static readonly CLOUD_FRONT_FULL_ACCESS = "CloudFrontFullAccess" 530 | public static readonly CLOUD_FRONT_READ_ONLY_ACCESS = "CloudFrontReadOnlyAccess" 531 | public static readonly CLOUD_HSM_SERVICE_ROLE_POLICY = "aws-service-role/CloudHSMServiceRolePolicy" 532 | public static readonly CLOUD_SEARCH_FULL_ACCESS = "CloudSearchFullAccess" 533 | public static readonly CLOUD_SEARCH_READ_ONLY_ACCESS = "CloudSearchReadOnlyAccess" 534 | public static readonly CLOUD_TRAIL_SERVICE_ROLE_POLICY = "aws-service-role/CloudTrailServiceRolePolicy" 535 | public static readonly CLOUD_WATCH_CROSS_ACCOUNT_ACCESS = "aws-service-role/CloudWatch-CrossAccountAccess" 536 | public static readonly CLOUD_WATCH_ACTIONS_EC2_ACCESS = "CloudWatchActionsEC2Access" 537 | public static readonly CLOUD_WATCH_AGENT_ADMIN_POLICY = "CloudWatchAgentAdminPolicy" 538 | public static readonly CLOUD_WATCH_AGENT_SERVER_POLICY = "CloudWatchAgentServerPolicy" 539 | public static readonly CLOUD_WATCH_AUTOMATIC_DASHBOARDS_ACCESS = "CloudWatchAutomaticDashboardsAccess" 540 | public static readonly CLOUD_WATCH_EVENTS_BUILT_IN_TARGET_EXECUTION_ACCESS = "service-role/CloudWatchEventsBuiltInTargetExecutionAccess" 541 | public static readonly CLOUD_WATCH_EVENTS_FULL_ACCESS = "CloudWatchEventsFullAccess" 542 | public static readonly CLOUD_WATCH_EVENTS_INVOCATION_ACCESS = "service-role/CloudWatchEventsInvocationAccess" 543 | public static readonly CLOUD_WATCH_EVENTS_READ_ONLY_ACCESS = "CloudWatchEventsReadOnlyAccess" 544 | public static readonly CLOUD_WATCH_EVENTS_SERVICE_ROLE_POLICY = "aws-service-role/CloudWatchEventsServiceRolePolicy" 545 | public static readonly CLOUD_WATCH_FULL_ACCESS = "CloudWatchFullAccess" 546 | public static readonly CLOUD_WATCH_LOGS_FULL_ACCESS = "CloudWatchLogsFullAccess" 547 | public static readonly CLOUD_WATCH_LOGS_READ_ONLY_ACCESS = "CloudWatchLogsReadOnlyAccess" 548 | public static readonly CLOUD_WATCH_READ_ONLY_ACCESS = "CloudWatchReadOnlyAccess" 549 | public static readonly CLOUD_WATCH_SYNTHETICS_FULL_ACCESS = "CloudWatchSyntheticsFullAccess" 550 | public static readonly CLOUD_WATCH_SYNTHETICS_READ_ONLY_ACCESS = "CloudWatchSyntheticsReadOnlyAccess" 551 | public static readonly CLOUDWATCH_APPLICATION_INSIGHTS_SERVICE_LINKED_ROLE_POLICY = "aws-service-role/CloudwatchApplicationInsightsServiceLinkedRolePolicy" 552 | public static readonly COMPREHEND_DATA_ACCESS_ROLE_POLICY = "service-role/ComprehendDataAccessRolePolicy" 553 | public static readonly COMPREHEND_FULL_ACCESS = "ComprehendFullAccess" 554 | public static readonly COMPREHEND_MEDICAL_FULL_ACCESS = "ComprehendMedicalFullAccess" 555 | public static readonly COMPREHEND_READ_ONLY = "ComprehendReadOnly" 556 | public static readonly COMPUTE_OPTIMIZER_SERVICE_ROLE_POLICY = "aws-service-role/ComputeOptimizerServiceRolePolicy" 557 | public static readonly CONFIG_CONFORMS_SERVICE_ROLE_POLICY = "aws-service-role/ConfigConformsServiceRolePolicy" 558 | public static readonly DAX_SERVICE_ROLE_POLICY = "aws-service-role/DAXServiceRolePolicy" 559 | public static readonly DATA_SCIENTIST = "job-function/DataScientist" 560 | public static readonly DATABASE_ADMINISTRATOR = "job-function/DatabaseAdministrator" 561 | public static readonly DYNAMO_DB_CLOUD_WATCH_CONTRIBUTOR_INSIGHTS_SERVICE_ROLE_POLICY = "aws-service-role/DynamoDBCloudWatchContributorInsightsServiceRolePolicy" 562 | public static readonly DYNAMO_DB_REPLICATION_SERVICE_ROLE_POLICY = "aws-service-role/DynamoDBReplicationServiceRolePolicy" 563 | public static readonly EC2_INSTANCE_CONNECT = "EC2InstanceConnect" 564 | public static readonly EC2_INSTANCE_PROFILE_FOR_IMAGE_BUILDER = "EC2InstanceProfileForImageBuilder" 565 | public static readonly ELASTI_CACHE_SERVICE_ROLE_POLICY = "aws-service-role/ElastiCacheServiceRolePolicy" 566 | public static readonly ELASTIC_LOAD_BALANCING_FULL_ACCESS = "ElasticLoadBalancingFullAccess" 567 | public static readonly ELASTIC_LOAD_BALANCING_READ_ONLY = "ElasticLoadBalancingReadOnly" 568 | public static readonly ELEMENTAL_APPLIANCES_SOFTWARE_FULL_ACCESS = "ElementalAppliancesSoftwareFullAccess" 569 | public static readonly FMS_SERVICE_ROLE_POLICY = "aws-service-role/FMSServiceRolePolicy" 570 | public static readonly F_SX_DELETE_SERVICE_LINKED_ROLE_ACCESS = "aws-service-role/FSxDeleteServiceLinkedRoleAccess" 571 | public static readonly GLOBAL_ACCELERATOR_FULL_ACCESS = "GlobalAcceleratorFullAccess" 572 | public static readonly GLOBAL_ACCELERATOR_READ_ONLY_ACCESS = "GlobalAcceleratorReadOnlyAccess" 573 | public static readonly GREENGRASS_OTA_UPDATE_ARTIFACT_ACCESS = "service-role/GreengrassOTAUpdateArtifactAccess" 574 | public static readonly HEALTH_ORGANIZATIONS_SERVICE_ROLE_POLICY = "aws-service-role/Health_OrganizationsServiceRolePolicy" 575 | public static readonly IAM_ACCESS_ADVISOR_READ_ONLY = "IAMAccessAdvisorReadOnly" 576 | public static readonly IAM_ACCESS_ANALYZER_FULL_ACCESS = "IAMAccessAnalyzerFullAccess" 577 | public static readonly IAM_ACCESS_ANALYZER_READ_ONLY_ACCESS = "IAMAccessAnalyzerReadOnlyAccess" 578 | public static readonly IAM_FULL_ACCESS = "IAMFullAccess" 579 | public static readonly IAM_READ_ONLY_ACCESS = "IAMReadOnlyAccess" 580 | public static readonly IAM_SELF_MANAGE_SERVICE_SPECIFIC_CREDENTIALS = "IAMSelfManageServiceSpecificCredentials" 581 | public static readonly IAM_USER_CHANGE_PASSWORD = "IAMUserChangePassword" 582 | public static readonly IAM_USER_SSH_KEYS = "IAMUserSSHKeys" 583 | public static readonly KAFKA_SERVICE_ROLE_POLICY = "aws-service-role/KafkaServiceRolePolicy" 584 | public static readonly LAKE_FORMATION_DATA_ACCESS_SERVICE_ROLE_POLICY = "aws-service-role/LakeFormationDataAccessServiceRolePolicy" 585 | public static readonly LEX_BOT_POLICY = "aws-service-role/LexBotPolicy" 586 | public static readonly LEX_CHANNEL_POLICY = "aws-service-role/LexChannelPolicy" 587 | public static readonly LIGHTSAIL_EXPORT_ACCESS = "aws-service-role/LightsailExportAccess" 588 | public static readonly MIGRATION_HUB_DMS_ACCESS_SERVICE_ROLE_POLICY = "aws-service-role/MigrationHubDMSAccessServiceRolePolicy" 589 | public static readonly MIGRATION_HUB_SMS_ACCESS_SERVICE_ROLE_POLICY = "aws-service-role/MigrationHubSMSAccessServiceRolePolicy" 590 | public static readonly MIGRATION_HUB_SERVICE_ROLE_POLICY = "aws-service-role/MigrationHubServiceRolePolicy" 591 | public static readonly NEPTUNE_CONSOLE_FULL_ACCESS = "NeptuneConsoleFullAccess" 592 | public static readonly NEPTUNE_FULL_ACCESS = "NeptuneFullAccess" 593 | public static readonly NEPTUNE_READ_ONLY_ACCESS = "NeptuneReadOnlyAccess" 594 | public static readonly NETWORK_ADMINISTRATOR = "job-function/NetworkAdministrator" 595 | public static readonly POWER_USER_ACCESS = "PowerUserAccess" 596 | public static readonly QUICK_SIGHT_ACCESS_FOR_S3_STORAGE_MANAGEMENT_ANALYTICS_READ_ONLY = "service-role/QuickSightAccessForS3StorageManagementAnalyticsReadOnly" 597 | public static readonly RDS_CLOUD_HSM_AUTHORIZATION_ROLE = "service-role/RDSCloudHsmAuthorizationRole" 598 | public static readonly READ_ONLY_ACCESS = "ReadOnlyAccess" 599 | public static readonly RESOURCE_GROUPSAND_TAG_EDITOR_FULL_ACCESS = "ResourceGroupsandTagEditorFullAccess" 600 | public static readonly RESOURCE_GROUPSAND_TAG_EDITOR_READ_ONLY_ACCESS = "ResourceGroupsandTagEditorReadOnlyAccess" 601 | public static readonly SECRETS_MANAGER_READ_WRITE = "SecretsManagerReadWrite" 602 | public static readonly SECURITY_AUDIT = "SecurityAudit" 603 | public static readonly SERVER_MIGRATION_CONNECTOR = "ServerMigrationConnector" 604 | public static readonly SERVER_MIGRATION_SERVICE_LAUNCH_ROLE = "service-role/ServerMigrationServiceLaunchRole" 605 | public static readonly SERVER_MIGRATION_SERVICE_ROLE = "service-role/ServerMigrationServiceRole" 606 | public static readonly SERVICE_QUOTAS_FULL_ACCESS = "ServiceQuotasFullAccess" 607 | public static readonly SERVICE_QUOTAS_READ_ONLY_ACCESS = "ServiceQuotasReadOnlyAccess" 608 | public static readonly SERVICE_QUOTAS_SERVICE_ROLE_POLICY = "aws-service-role/ServiceQuotasServiceRolePolicy" 609 | public static readonly SIMPLE_WORKFLOW_FULL_ACCESS = "SimpleWorkflowFullAccess" 610 | public static readonly SUPPORT_USER = "job-function/SupportUser" 611 | public static readonly SYSTEM_ADMINISTRATOR = "job-function/SystemAdministrator" 612 | public static readonly TAG_POLICIES_SERVICE_ROLE_POLICY = "aws-service-role/TagPoliciesServiceRolePolicy" 613 | public static readonly TRANSLATE_FULL_ACCESS = "TranslateFullAccess" 614 | public static readonly TRANSLATE_READ_ONLY = "TranslateReadOnly" 615 | public static readonly VM_IMPORT_EXPORT_ROLE_FOR_AWS_CONNECTOR = "service-role/VMImportExportRoleForAWSConnector" 616 | public static readonly VIEW_ONLY_ACCESS = "job-function/ViewOnlyAccess" 617 | public static readonly WAF_LOGGING_SERVICE_ROLE_POLICY = "aws-service-role/WAFLoggingServiceRolePolicy" 618 | public static readonly WAF_REGIONAL_LOGGING_SERVICE_ROLE_POLICY = "aws-service-role/WAFRegionalLoggingServiceRolePolicy" 619 | public static readonly WAFV_2_LOGGING_SERVICE_ROLE_POLICY = "aws-service-role/WAFV2LoggingServiceRolePolicy" 620 | public static readonly WELL_ARCHITECTED_CONSOLE_FULL_ACCESS = "WellArchitectedConsoleFullAccess" 621 | public static readonly WELL_ARCHITECTED_CONSOLE_READ_ONLY_ACCESS = "WellArchitectedConsoleReadOnlyAccess" 622 | public static readonly WORK_LINK_SERVICE_ROLE_POLICY = "WorkLinkServiceRolePolicy" 623 | } -------------------------------------------------------------------------------- /lib/principals.ts: -------------------------------------------------------------------------------- 1 | export class FederatedPrincipals { 2 | public static readonly COGNITO_IDENTITY = "cognito-identity.amazonaws.com"; 3 | } 4 | 5 | export class ServicePrincipals { 6 | public static readonly ACM = "acm.amazonaws.com"; 7 | public static readonly ALEXA_APPKIT = "alexa_appkit.amazon.com"; 8 | public static readonly API_GATEWAY = "apigateway.amazonaws.com"; 9 | public static readonly APPLICATION_AUTOSCALING = 10 | "applicatio readonly -autoscaling.amazonaws.com"; 11 | public static readonly APP_STREAM = 12 | "appstream.application-autoscaling.amazonaws.com"; 13 | public static readonly APP_SYNC = "appsync.amazonaws.com"; 14 | public static readonly ATHENA = "athena.amazonaws.com"; 15 | public static readonly AUTO_SCALING = "autoscaling.amazonaws.com"; 16 | public static readonly BATCH = "batch.amazonaws.com"; 17 | public static readonly CHANNELS = "channels.lex.amazonaws.com"; 18 | public static readonly CLOUD_9 = "cloud9.amazonaws.com"; 19 | public static readonly CLOUD_DIRECTORY = "clouddirectory.amazonaws.com"; 20 | public static readonly CLOUD_FORMATION = "cloudformation.amazonaws.com"; 21 | public static readonly CLOUD_FRONT = "cloudfront.amazonaws.com"; 22 | public static readonly CLOUD_SEARCH = "cloudsearch.amazonaws.com"; 23 | public static readonly CLOUD_TRAIL = "cloudtrail.amazonaws.com"; 24 | public static readonly CODE_BUILD = "codebuild.amazonaws.com"; 25 | public static readonly CODE_COMMIT = "codecommit.amazonaws.com"; 26 | public static readonly CODE_DEPLOY = "codedeploy.amazonaws.com"; 27 | public static readonly CODE_PIPELINE = "codepipeline.amazonaws.com"; 28 | public static readonly CONFIG = "config.amazonaws.com"; 29 | public static readonly CONTINUOUS_EXPORT = 30 | "continuousexport.discovery.amazonaws.com"; 31 | public static readonly CUSTOM_RESOURCE = 32 | "custom-res readonly urce.application-autoscaling.amazonaws.com"; 33 | public static readonly DATA_PIPELINE = "datapipeline.amazonaws.com"; 34 | public static readonly DAX = "dax.amazonaws.com"; 35 | public static readonly DEEP_LENS = "deeplens.amazonaws.com"; 36 | public static readonly DIRECT_CONNECT = "directconnect.amazonaws.com"; 37 | public static readonly DLM = "dlm.amazonaws.com"; 38 | public static readonly DMS = "dms.amazonaws.com"; 39 | public static readonly DS = "ds.amazonaws.com"; 40 | public static readonly DYNAMO_DB = "dynamodb.amazonaws.com"; 41 | public static readonly EC2 = "ec2.amazonaws.com"; 42 | public static readonly EC2_FLEET = "ec2fleet.amazonaws.com"; 43 | public static readonly EC2_SCHEDULED = "ec2scheduled.amazonaws.com"; 44 | public static readonly ECR = "ecr.amazonaws.com"; 45 | public static readonly ECS_TASKS = "ecs-tasks.amazonaws.com"; 46 | public static readonly ECS = "ecs.amazonaws.com"; 47 | public static readonly EDGE_LAMBDA = "edgelambda.amazonaws.com"; 48 | public static readonly EKS = "eks.amazonaws.com"; 49 | public static readonly ELASTI_CACHE = "elasticache.amazonaws.com"; 50 | public static readonly ELASTIC_BEANSTALK = "elasticbeanstalk.amazonaws.com"; 51 | public static readonly ELASTIC_FILE_SYSTEM = 52 | "elasticfilesystem.amazonaws.com"; 53 | public static readonly ELASTIC_LOAD_BALANCING = 54 | "elasticloadbalancing.amazonaws.com"; 55 | public static readonly ELASTIC_MAP_REDUCE = "elasticmapreduce.amazonaws.com"; 56 | public static readonly ELASTIC_TRANSCODER = "elastictranscoder.amazonaws.com"; 57 | public static readonly ES = "es.amazonaws.com"; 58 | public static readonly EVENTS = "events.amazonaws.com"; 59 | public static readonly FIREHOSE = "firehose.amazonaws.com"; 60 | public static readonly GLUE = "glue.amazonaws.com"; 61 | public static readonly GREENGRASS = "greengrass.amazonaws.com"; 62 | public static readonly GUARDDUTY = "guardduty.amazonaws.com"; 63 | public static readonly HEALTH = "health.amazonaws.com"; 64 | public static readonly IAM = "iam.amazonaws.com"; 65 | public static readonly INSPECTOR = "inspector.amazonaws.com"; 66 | public static readonly IOT = "iot.amazonaws.com"; 67 | public static readonly KINESIS = "kinesis.amazonaws.com"; 68 | public static readonly KINESIS_ANALYTICS = "kinesisanalytics.amazonaws.com"; 69 | public static readonly KMS = "kms.amazonaws.com"; 70 | public static readonly LAMBDA = "lambda.amazonaws.com"; 71 | public static readonly LEX = "lex.amazonaws.com"; 72 | public static readonly LIGHTSAIL = "lightsail.amazonaws.com"; 73 | public static readonly LOGS = "logs.amazonaws.com"; 74 | public static readonly MACHINE_LEARNING = "machinelearning.amazonaws.com"; 75 | public static readonly MACIE = "macie.amazonaws.com"; 76 | public static readonly MEDIA_CONVERT = "mediaconvert.amazonaws.com"; 77 | public static readonly MONITORING = "monitoring.amazonaws.com"; 78 | public static readonly OPS_WORKS = "opsworks.amazonaws.com"; 79 | public static readonly ORGANIZATIONS = "organizations.amazonaws.com"; 80 | public static readonly RDS = "rds.amazonaws.com"; 81 | public static readonly REDSHIFT = "redshift.amazonaws.com"; 82 | public static readonly REKOGNITION = "rekognition.amazonaws.com"; 83 | public static readonly REPLICATION = "replication.dynamodb.amazonaws.com"; 84 | public static readonly ROUTE_53 = "route53.amazonaws.com"; 85 | public static readonly S3 = "s3.amazonaws.com"; 86 | public static readonly SAGE_MAKER = "sagemaker.amazonaws.com"; 87 | public static readonly SCHEDULER = "scheduler.amazonaws.com"; 88 | public static readonly SECRETS_MANAGER = "secretsmanager.amazonaws.com"; 89 | public static readonly SERVICE_CATALOG = "servicecatalog.amazonaws.com"; 90 | public static readonly SES = "ses.amazonaws.com"; 91 | public static readonly SIGNIN = "signin.amazonaws.com"; 92 | public static readonly SMS = "sms.amazonaws.com"; 93 | public static readonly SNS = "sns.amazonaws.com"; 94 | public static readonly SPOT_FLEET = "spotfleet.amazonaws.com"; 95 | public static readonly SQS = "sqs.amazonaws.com"; 96 | public static readonly SSM = "ssm.amazonaws.com"; 97 | public static readonly SSO = "sso.amazonaws.com"; 98 | public static readonly STATES = "states.amazonaws.com"; 99 | public static readonly STORAGE_GATEWAY = "storagegateway.amazonaws.com"; 100 | public static readonly STS = "sts.amazonaws.com"; 101 | public static readonly SUPPORT = "support.amazonaws.com"; 102 | public static readonly SWF = "swf.amazonaws.com"; 103 | public static readonly TRUSTED_ADVISOR = "trustedadvisor.amazonaws.com"; 104 | public static readonly VMIE = "vmie.amazonaws.com"; 105 | public static readonly WAF = "waf.amazonaws.com"; 106 | public static readonly WORK_DOCS = "workdocs.amazonaws.com"; 107 | public static readonly WORK_SPACES = "workspaces.amazonaws.com"; 108 | } 109 | -------------------------------------------------------------------------------- /lib/services.ts: -------------------------------------------------------------------------------- 1 | // NOTE: THIS IS MACHINE GENERATED. CHANGES WILL BE OVERWRITTEN! 2 | 3 | export class ServiceNames { 4 | public static readonly AWS_ACCOUNTS = "AWS Accounts" 5 | public static readonly ALEXA_FOR_BUSINESS = "Alexa for Business" 6 | public static readonly AWS_AMPLIFY = "AWS Amplify" 7 | public static readonly AMAZON_API_GATEWAY = "Amazon API Gateway" 8 | public static readonly AWS_APP_MESH = "AWS App Mesh" 9 | public static readonly AWS_APP_MESH_PREVIEW = "AWS App Mesh Preview" 10 | public static readonly APPLICATION_AUTO_SCALING = "Application Auto Scaling" 11 | public static readonly APPLICATION_DISCOVERY = "Application Discovery" 12 | public static readonly APPLICATION_DISCOVERY_ARSENAL = "Application Discovery Arsenal" 13 | public static readonly AMAZON_APP_STREAM_2_0 = "Amazon AppStream 2.0" 14 | public static readonly AWS_APP_SYNC = "AWS AppSync" 15 | public static readonly AWS_ARTIFACT = "AWS Artifact" 16 | public static readonly AMAZON_ATHENA = "Amazon Athena" 17 | public static readonly AWS_AUTO_SCALING = "AWS Auto Scaling" 18 | public static readonly AWS_BACKUP = "AWS Backup" 19 | public static readonly AWS_BACKUP_STORAGE = "AWS Backup storage" 20 | public static readonly AWS_BATCH = "AWS Batch" 21 | public static readonly AWS_BILLING = "AWS Billing" 22 | public static readonly AWS_BUDGET_SERVICE = "AWS Budget Service" 23 | public static readonly AWS_CERTIFICATE_MANAGER = "AWS Certificate Manager" 24 | public static readonly AWS_CERTIFICATE_MANAGER_PRIVATE_CERTIFICATE_AUTHORITY = "AWS Certificate Manager Private Certificate Authority" 25 | public static readonly AWS_CHATBOT = "AWS Chatbot" 26 | public static readonly AMAZON_CHIME = "Amazon Chime" 27 | public static readonly AMAZON_CLOUD_DIRECTORY = "Amazon Cloud Directory" 28 | public static readonly AWS_CLOUD_MAP = "AWS Cloud Map" 29 | public static readonly AWS_CLOUD_9 = "AWS Cloud9" 30 | public static readonly AWS_CLOUD_FORMATION = "AWS CloudFormation" 31 | public static readonly AMAZON_CLOUD_FRONT = "Amazon CloudFront" 32 | public static readonly AWS_CLOUD_HSM = "AWS CloudHSM" 33 | public static readonly AMAZON_CLOUD_SEARCH = "Amazon CloudSearch" 34 | public static readonly AWS_CLOUD_TRAIL = "AWS CloudTrail" 35 | public static readonly AMAZON_CLOUD_WATCH = "Amazon CloudWatch" 36 | public static readonly CLOUD_WATCH_APPLICATION_INSIGHTS = "CloudWatch Application Insights" 37 | public static readonly AMAZON_CLOUD_WATCH_LOGS = "Amazon CloudWatch Logs" 38 | public static readonly AMAZON_CLOUD_WATCH_SYNTHETICS = "Amazon CloudWatch Synthetics" 39 | public static readonly AWS_CODE_SIGNING_FOR_AMAZON_FREE_RTOS = "AWS Code Signing for Amazon FreeRTOS" 40 | public static readonly AWS_CODE_BUILD = "AWS CodeBuild" 41 | public static readonly AWS_CODE_COMMIT = "AWS CodeCommit" 42 | public static readonly AWS_CODE_DEPLOY = "AWS CodeDeploy" 43 | public static readonly AWS_CODE_PIPELINE = "AWS CodePipeline" 44 | public static readonly AWS_CODE_STAR = "AWS CodeStar" 45 | public static readonly AWS_CODE_STAR_NOTIFICATIONS = "AWS CodeStar Notifications" 46 | public static readonly AMAZON_COGNITO_IDENTITY = "Amazon Cognito Identity" 47 | public static readonly AMAZON_COGNITO_SYNC = "Amazon Cognito Sync" 48 | public static readonly AMAZON_COGNITO_USER_POOLS = "Amazon Cognito User Pools" 49 | public static readonly AMAZON_COMPREHEND = "Amazon Comprehend" 50 | public static readonly COMPREHEND_MEDICAL = "Comprehend Medical" 51 | public static readonly COMPUTE_OPTIMIZER = "Compute Optimizer" 52 | public static readonly AWS_CONFIG = "AWS Config" 53 | public static readonly AMAZON_CONNECT = "Amazon Connect" 54 | public static readonly AWS_COST_AND_USAGE_REPORT = "AWS Cost and Usage Report" 55 | public static readonly AWS_COST_EXPLORER_SERVICE = "AWS Cost Explorer Service" 56 | public static readonly AWS_DATA_EXCHANGE = "AWS Data Exchange" 57 | public static readonly AMAZON_DATA_LIFECYCLE_MANAGER = "Amazon Data Lifecycle Manager" 58 | public static readonly DATA_PIPELINE = "Data Pipeline" 59 | public static readonly AWS_DATABASE_MIGRATION_SERVICE = "AWS Database Migration Service" 60 | public static readonly DATABASE_QUERY_METADATA_SERVICE = "Database Query Metadata Service" 61 | public static readonly DATA_SYNC = "DataSync" 62 | public static readonly AWS_DEEP_LENS = "AWS DeepLens" 63 | public static readonly AWS_DEEP_RACER = "AWS DeepRacer" 64 | public static readonly AMAZON_DETECTIVE = "Amazon Detective" 65 | public static readonly AWS_DEVICE_FARM = "AWS Device Farm" 66 | public static readonly AWS_DIRECT_CONNECT = "AWS Direct Connect" 67 | public static readonly AWS_DIRECTORY_SERVICE = "AWS Directory Service" 68 | public static readonly AMAZON_DYNAMO_DB = "Amazon DynamoDB" 69 | public static readonly AMAZON_DYNAMO_DB_ACCELERATOR_DAX = "Amazon DynamoDB Accelerator (DAX)" 70 | public static readonly AMAZON_EC2 = "Amazon EC2" 71 | public static readonly AMAZON_EC2_AUTO_SCALING = "Amazon EC2 Auto Scaling" 72 | public static readonly AMAZON_EC2_IMAGE_BUILDER = "Amazon EC2 Image Builder" 73 | public static readonly AMAZON_EC2_INSTANCE_CONNECT = "Amazon EC2 Instance Connect" 74 | public static readonly AWS_ELASTIC_BEANSTALK = "AWS Elastic Beanstalk" 75 | public static readonly AMAZON_ELASTIC_BLOCK_STORE = "Amazon Elastic Block Store" 76 | public static readonly AMAZON_ELASTIC_CONTAINER_REGISTRY = "Amazon Elastic Container Registry" 77 | public static readonly AMAZON_ELASTIC_CONTAINER_SERVICE = "Amazon Elastic Container Service" 78 | public static readonly AMAZON_ELASTIC_CONTAINER_SERVICE_FOR_KUBERNETES = "Amazon Elastic Container Service for Kubernetes" 79 | public static readonly AMAZON_ELASTIC_FILE_SYSTEM = "Amazon Elastic File System" 80 | public static readonly AMAZON_ELASTIC_INFERENCE = "Amazon Elastic Inference" 81 | public static readonly ELASTIC_LOAD_BALANCING = "Elastic Load Balancing" 82 | public static readonly ELASTIC_LOAD_BALANCING_V2 = "Elastic Load Balancing V2" 83 | public static readonly AMAZON_ELASTIC_MAP_REDUCE = "Amazon Elastic MapReduce" 84 | public static readonly AMAZON_ELASTIC_TRANSCODER = "Amazon Elastic Transcoder" 85 | public static readonly AMAZON_ELASTI_CACHE = "Amazon ElastiCache" 86 | public static readonly AMAZON_ELASTICSEARCH_SERVICE = "Amazon Elasticsearch Service" 87 | public static readonly AWS_ELEMENTAL_MEDIA_CONNECT = "AWS Elemental MediaConnect" 88 | public static readonly AWS_ELEMENTAL_MEDIA_CONVERT = "AWS Elemental MediaConvert" 89 | public static readonly AWS_ELEMENTAL_MEDIA_LIVE = "AWS Elemental MediaLive" 90 | public static readonly AWS_ELEMENTAL_MEDIA_PACKAGE = "AWS Elemental MediaPackage" 91 | public static readonly AWS_ELEMENTAL_MEDIA_PACKAGE_VOD = "AWS Elemental MediaPackage VOD" 92 | public static readonly AWS_ELEMENTAL_MEDIA_STORE = "AWS Elemental MediaStore" 93 | public static readonly AWS_ELEMENTAL_MEDIA_TAILOR = "AWS Elemental MediaTailor" 94 | public static readonly AMAZON_EVENT_BRIDGE = "Amazon EventBridge" 95 | public static readonly AMAZON_EVENT_BRIDGE_SCHEMAS = "Amazon EventBridge Schemas" 96 | public static readonly AWS_FIREWALL_MANAGER = "AWS Firewall Manager" 97 | public static readonly AMAZON_FORECAST = "Amazon Forecast" 98 | public static readonly AMAZON_FRAUD_DETECTOR = "Amazon Fraud Detector" 99 | public static readonly AMAZON_FREE_RTOS = "Amazon FreeRTOS" 100 | public static readonly AMAZON_FSX = "Amazon FSx" 101 | public static readonly AMAZON_GAME_LIFT = "Amazon GameLift" 102 | public static readonly AMAZON_GLACIER = "Amazon Glacier" 103 | public static readonly AWS_GLOBAL_ACCELERATOR = "AWS Global Accelerator" 104 | public static readonly AWS_GLUE = "AWS Glue" 105 | public static readonly AWS_GROUND_STATION = "AWS Ground Station" 106 | public static readonly AMAZON_GROUND_TRUTH_LABELING = "Amazon GroundTruth Labeling" 107 | public static readonly AMAZON_GUARD_DUTY = "Amazon GuardDuty" 108 | public static readonly AWS_HEALTH_APIS_AND_NOTIFICATIONS = "AWS Health APIs and Notifications" 109 | public static readonly IAM_ACCESS_ANALYZER = "IAM Access Analyzer" 110 | public static readonly IDENTITY_AND_ACCESS_MANAGEMENT = "Identity And Access Management" 111 | public static readonly AWS_IMPORT_EXPORT_DISK_SERVICE = "AWS Import Export Disk Service" 112 | public static readonly AMAZON_INSPECTOR = "Amazon Inspector" 113 | public static readonly AWS_IOT = "AWS IoT" 114 | public static readonly AWS_IOT_1_CLICK = "AWS IoT 1-Click" 115 | public static readonly AWS_IOT_ANALYTICS = "AWS IoT Analytics" 116 | public static readonly AWS_IOT_EVENTS = "AWS IoT Events" 117 | public static readonly AWS_IOT_GREENGRASS = "AWS IoT Greengrass" 118 | public static readonly AWS_IOT_SITE_WISE = "AWS IoT SiteWise" 119 | public static readonly AWS_IOT_THINGS_GRAPH = "AWS IoT Things Graph" 120 | public static readonly AWS_IQ = "AWS IQ" 121 | public static readonly AWS_IQ_PERMISSIONS = "AWS IQ Permissions" 122 | public static readonly AMAZON_KENDRA = "Amazon Kendra" 123 | public static readonly AWS_KEY_MANAGEMENT_SERVICE = "AWS Key Management Service" 124 | public static readonly AMAZON_KINESIS = "Amazon Kinesis" 125 | public static readonly AMAZON_KINESIS_ANALYTICS = "Amazon Kinesis Analytics" 126 | public static readonly AMAZON_KINESIS_ANALYTICS_V2 = "Amazon Kinesis Analytics V2" 127 | public static readonly AMAZON_KINESIS_FIREHOSE = "Amazon Kinesis Firehose" 128 | public static readonly AMAZON_KINESIS_VIDEO_STREAMS = "Amazon Kinesis Video Streams" 129 | public static readonly AWS_LAKE_FORMATION = "AWS Lake Formation" 130 | public static readonly AWS_LAMBDA = "AWS Lambda" 131 | public static readonly LAUNCH_WIZARD = "Launch Wizard" 132 | public static readonly AMAZON_LEX = "Amazon Lex" 133 | public static readonly AWS_LICENSE_MANAGER = "AWS License Manager" 134 | public static readonly AMAZON_LIGHTSAIL = "Amazon Lightsail" 135 | public static readonly AMAZON_MACHINE_LEARNING = "Amazon Machine Learning" 136 | public static readonly AMAZON_MACIE = "Amazon Macie" 137 | public static readonly MANAGE_AMAZON_API_GATEWAY = "Manage Amazon API Gateway" 138 | public static readonly AWS_MANAGED_APACHE_CASSANDRA_SERVICE = "AWS Managed Apache Cassandra Service" 139 | public static readonly AMAZON_MANAGED_BLOCKCHAIN = "Amazon Managed Blockchain" 140 | public static readonly AMAZON_MANAGED_STREAMING_FOR_KAFKA = "Amazon Managed Streaming for Kafka" 141 | public static readonly AWS_MARKETPLACE = "AWS Marketplace" 142 | public static readonly AWS_MARKETPLACE_CATALOG = "AWS Marketplace Catalog" 143 | public static readonly AWS_MARKETPLACE_ENTITLEMENT_SERVICE = "AWS Marketplace Entitlement Service" 144 | public static readonly AWS_MARKETPLACE_IMAGE_BUILDING_SERVICE = "AWS Marketplace Image Building Service" 145 | public static readonly AWS_MARKETPLACE_MANAGEMENT_PORTAL = "AWS Marketplace Management Portal" 146 | public static readonly AWS_MARKETPLACE_METERING_SERVICE = "AWS Marketplace Metering Service" 147 | public static readonly AWS_MARKETPLACE_PROCUREMENT_SYSTEMS_INTEGRATION = "AWS Marketplace Procurement Systems Integration" 148 | public static readonly AMAZON_MECHANICAL_TURK = "Amazon Mechanical Turk" 149 | public static readonly AMAZON_MESSAGE_DELIVERY_SERVICE = "Amazon Message Delivery Service" 150 | public static readonly AWS_MIGRATION_HUB = "AWS Migration Hub" 151 | public static readonly AMAZON_MOBILE_ANALYTICS = "Amazon Mobile Analytics" 152 | public static readonly AWS_MOBILE_HUB = "AWS Mobile Hub" 153 | public static readonly AMAZON_MQ = "Amazon MQ" 154 | public static readonly AMAZON_NEPTUNE = "Amazon Neptune" 155 | public static readonly NETWORK_MANAGER = "Network Manager" 156 | public static readonly AWS_OPS_WORKS = "AWS OpsWorks" 157 | public static readonly AWS_OPS_WORKS_CONFIGURATION_MANAGEMENT = "AWS OpsWorks Configuration Management" 158 | public static readonly AWS_ORGANIZATIONS = "AWS Organizations" 159 | public static readonly AWS_OUTPOSTS = "AWS Outposts" 160 | public static readonly AWS_PERFORMANCE_INSIGHTS = "AWS Performance Insights" 161 | public static readonly AMAZON_PERSONALIZE = "Amazon Personalize" 162 | public static readonly AMAZON_PINPOINT = "Amazon Pinpoint" 163 | public static readonly AMAZON_PINPOINT_EMAIL_SERVICE = "Amazon Pinpoint Email Service" 164 | public static readonly AMAZON_PINPOINT_SMS_AND_VOICE_SERVICE = "Amazon Pinpoint SMS and Voice Service" 165 | public static readonly AMAZON_POLLY = "Amazon Polly" 166 | public static readonly AWS_PRICE_LIST = "AWS Price List" 167 | public static readonly AWS_PRIVATE_MARKETPLACE = "AWS Private Marketplace" 168 | public static readonly AMAZON_QLDB = "Amazon QLDB" 169 | public static readonly AMAZON_QUICK_SIGHT = "Amazon QuickSight" 170 | public static readonly AMAZON_RDS = "Amazon RDS" 171 | public static readonly AMAZON_RDS_DATA_API = "Amazon RDS Data API" 172 | public static readonly AMAZON_RDS_IAM_AUTHENTICATION = "Amazon RDS IAM Authentication" 173 | public static readonly AMAZON_REDSHIFT = "Amazon Redshift" 174 | public static readonly AMAZON_REKOGNITION = "Amazon Rekognition" 175 | public static readonly AWS_RESOURCE_ACCESS_MANAGER = "AWS Resource Access Manager" 176 | public static readonly AMAZON_RESOURCE_GROUP_TAGGING_API = "Amazon Resource Group Tagging API" 177 | public static readonly AWS_RESOURCE_GROUPS = "AWS Resource Groups" 178 | public static readonly AWS_ROBO_MAKER = "AWS RoboMaker" 179 | public static readonly AMAZON_ROUTE_53 = "Amazon Route 53" 180 | public static readonly AMAZON_ROUTE_53_RESOLVER = "Amazon Route 53 Resolver" 181 | public static readonly AMAZON_ROUTE_53_DOMAINS = "Amazon Route53 Domains" 182 | public static readonly AMAZON_S3 = "Amazon S3" 183 | public static readonly AMAZON_SAGE_MAKER = "Amazon SageMaker" 184 | public static readonly AWS_SAVINGS_PLANS = "AWS Savings Plans" 185 | public static readonly AWS_SECRETS_MANAGER = "AWS Secrets Manager" 186 | public static readonly AWS_SECURITY_HUB = "AWS Security Hub" 187 | public static readonly AWS_SECURITY_TOKEN_SERVICE = "AWS Security Token Service" 188 | public static readonly AWS_SERVER_MIGRATION_SERVICE = "AWS Server Migration Service" 189 | public static readonly AWS_SERVERLESS_APPLICATION_REPOSITORY = "AWS Serverless Application Repository" 190 | public static readonly AWS_SERVICE_CATALOG = "AWS Service Catalog" 191 | public static readonly SERVICE_QUOTAS = "Service Quotas" 192 | public static readonly AMAZON_SES = "Amazon SES" 193 | public static readonly AMAZON_SESSION_MANAGER_MESSAGE_GATEWAY_SERVICE = "Amazon Session Manager Message Gateway Service" 194 | public static readonly AWS_SHIELD = "AWS Shield" 195 | public static readonly AMAZON_SIMPLE_WORKFLOW_SERVICE = "Amazon Simple Workflow Service" 196 | public static readonly AMAZON_SIMPLE_DB = "Amazon SimpleDB" 197 | public static readonly AWS_SNOWBALL = "AWS Snowball" 198 | public static readonly AMAZON_SNS = "Amazon SNS" 199 | public static readonly AMAZON_SQS = "Amazon SQS" 200 | public static readonly AWS_SSO = "AWS SSO" 201 | public static readonly AWS_SSO_DIRECTORY = "AWS SSO Directory" 202 | public static readonly AWS_STEP_FUNCTIONS = "AWS Step Functions" 203 | public static readonly AMAZON_STORAGE_GATEWAY = "Amazon Storage Gateway" 204 | public static readonly AMAZON_SUMERIAN = "Amazon Sumerian" 205 | public static readonly AWS_SUPPORT = "AWS Support" 206 | public static readonly AWS_SYSTEMS_MANAGER = "AWS Systems Manager" 207 | public static readonly AMAZON_TEXTRACT = "Amazon Textract" 208 | public static readonly AMAZON_TRANSCRIBE = "Amazon Transcribe" 209 | public static readonly AWS_TRANSFER_FOR_SFTP = "AWS Transfer for SFTP" 210 | public static readonly AMAZON_TRANSLATE = "Amazon Translate" 211 | public static readonly AWS_TRUSTED_ADVISOR = "AWS Trusted Advisor" 212 | public static readonly AWS_WAF = "AWS WAF" 213 | public static readonly AWS_WAF_REGIONAL = "AWS WAF Regional" 214 | public static readonly AWS_WAF_V2 = "AWS WAF V2" 215 | public static readonly AWS_WELL_ARCHITECTED_TOOL = "AWS Well-Architected Tool" 216 | public static readonly AMAZON_WORK_DOCS = "Amazon WorkDocs" 217 | public static readonly AMAZON_WORK_LINK = "Amazon WorkLink" 218 | public static readonly AMAZON_WORK_MAIL = "Amazon WorkMail" 219 | public static readonly AMAZON_WORK_MAIL_MESSAGE_FLOW = "Amazon WorkMail Message Flow" 220 | public static readonly AMAZON_WORK_SPACES = "Amazon WorkSpaces" 221 | public static readonly AMAZON_WORK_SPACES_APPLICATION_MANAGER = "Amazon WorkSpaces Application Manager" 222 | public static readonly AWS_X_RAY = "AWS X-Ray" 223 | } -------------------------------------------------------------------------------- /lib/utils.ts: -------------------------------------------------------------------------------- 1 | import * as _ from "lodash"; 2 | 3 | /** 4 | * Normalize service name 5 | */ 6 | export function normalizeServiceName( 7 | name: string, 8 | opts?: { snakeCase?: boolean; stripPrefix?: boolean } 9 | ): string { 10 | const blacklist = ["S_3", "EC_2", "IO_T", "V_2", "F_S", "AP_I"]; 11 | opts = _.defaults(opts, { 12 | snakeCase: true, 13 | stripPrefix: false 14 | }); 15 | let normName = name; 16 | 17 | if (opts.stripPrefix) { 18 | normName = _.trim(normName.replace(/^(AWS|AMAZON)/i, "")); 19 | // TODO 20 | } 21 | 22 | if (opts.snakeCase) { 23 | let modKey = _.snakeCase(name).toUpperCase(); 24 | blacklist.forEach(ent => { 25 | if (modKey.indexOf(ent) >= 0) { 26 | modKey = modKey.replace(ent, ent.replace("_", "")); 27 | } 28 | }); 29 | normName = modKey; 30 | } 31 | 32 | return normName; 33 | } 34 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "cdk-constants", 3 | "description": "Library of helpful constants to work with the CDK", 4 | "version": "3.0.2", 5 | "main": "./lib/index.js", 6 | "types": "./lib/index.d.ts", 7 | "license": "Apache-2.0", 8 | "repository": { 9 | "url": "https://github.com/kevinslin/cdk-constants", 10 | "type": "git" 11 | }, 12 | "keywords": [ 13 | "aws", 14 | "cdk" 15 | ], 16 | "homepage": "https://github.com/kevinslin/cdk-constants", 17 | "scripts": { 18 | "package": "jsii-pacmak", 19 | "build": "jsii", 20 | "watch": "jsii -w", 21 | "test": "jest", 22 | "watch-test": "jest -w" 23 | }, 24 | "jsii": { 25 | "outdir": "dist", 26 | "targets": { 27 | "java": { 28 | "package": "com.github.kevinslin.constants", 29 | "maven": { 30 | "groupId": "com.github.kevinslin", 31 | "artifactId": "cdk-constants" 32 | } 33 | }, 34 | "python": { 35 | "distName": "cdk-constants", 36 | "module": "cdk_constants" 37 | } 38 | } 39 | }, 40 | "author": { 41 | "email": "kevin@thence.io", 42 | "name": "Kevin S Lin", 43 | "url": "https://github.com/kevinslin" 44 | }, 45 | "jest": { 46 | "moduleFileExtensions": [ 47 | "js" 48 | ] 49 | }, 50 | "prepublish": "tsc", 51 | "dependencies": {}, 52 | "devDependencies": { 53 | "@types/axios": "^0.14.0", 54 | "@types/execa": "^2.0.0", 55 | "@types/fs-extra": "^8.0.0", 56 | "@types/jest": "^24.0.24", 57 | "@types/lodash": "^4.14.136", 58 | "@types/pino": "^5.8.8", 59 | "@types/yargs": "^13.0.2", 60 | "axios": "^0.19.0", 61 | "execa": "^2.0.3", 62 | "fs-extra": "^8.1.0", 63 | "jest": "^24.9.0", 64 | "jsii": "^0.20.11", 65 | "jsii-pacmak": "^0.20.11", 66 | "pino": "^5.13.1", 67 | "typescript": "^3.5.3", 68 | "yargs": "^13.3.0", 69 | "lodash": "^4.17.15" 70 | } 71 | } -------------------------------------------------------------------------------- /test/constants.test.ts: -------------------------------------------------------------------------------- 1 | import { 2 | FederatedPrincipals, 3 | ServicePrincipals, 4 | ManagedPolicies 5 | } from "../lib"; 6 | 7 | describe("principles", () => { 8 | test("federated", () => { 9 | expect(FederatedPrincipals.COGNITO_IDENTITY).toEqual( 10 | "cognito-identity.amazonaws.com" 11 | ); 12 | }); 13 | test("service", () => { 14 | expect(Object.keys(ServicePrincipals).length).toEqual(96); 15 | }); 16 | }); 17 | 18 | describe("policies", () => { 19 | test("policies", () => { 20 | expect(Object.keys(ManagedPolicies).length).toEqual(619); 21 | }); 22 | }); 23 | -------------------------------------------------------------------------------- /test/utils.test.ts: -------------------------------------------------------------------------------- 1 | import { normalizeServiceName } from "../lib/utils"; 2 | 3 | describe("normalizeServiceName", () => { 4 | test("snakeCase", () => { 5 | expect(normalizeServiceName("aws S3")).toEqual("AWS_S3"); 6 | }); 7 | 8 | test("stripPrefix", () => { 9 | expect( 10 | normalizeServiceName("aws s3", { 11 | stripPrefix: true, 12 | snakeCase: false 13 | }) 14 | ).toEqual("s3"); 15 | 16 | expect( 17 | normalizeServiceName("amazon s3", { 18 | stripPrefix: true, 19 | snakeCase: false 20 | }) 21 | ).toEqual("s3"); 22 | }); 23 | }); 24 | -------------------------------------------------------------------------------- /tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "alwaysStrict": true, 4 | "charset": "utf8", 5 | "declaration": true, 6 | "experimentalDecorators": true, 7 | "inlineSourceMap": true, 8 | "inlineSources": true, 9 | "lib": [ 10 | "es2016" 11 | ], 12 | "module": "CommonJS", 13 | "noEmitOnError": true, 14 | "noFallthroughCasesInSwitch": true, 15 | "noImplicitAny": true, 16 | "noImplicitReturns": true, 17 | "noImplicitThis": true, 18 | "noUnusedLocals": true, 19 | "noUnusedParameters": true, 20 | "resolveJsonModule": true, 21 | "strict": true, 22 | "strictNullChecks": true, 23 | "strictPropertyInitialization": true, 24 | "stripInternal": true, 25 | "target": "ES2017" 26 | }, 27 | "include": [ 28 | "**/*.ts" 29 | ], 30 | "exclude": [ 31 | "node_modules" 32 | ], 33 | "_generated_by_jsii_": "Generated by jsii - safe to delete, and ideally should be in .gitignore" 34 | } 35 | --------------------------------------------------------------------------------