├── .github ├── FUNDING.yml └── workflows │ ├── dev.yml │ ├── main.yml │ ├── policy_validation.yml │ └── release.yml ├── .gitignore ├── DEPRECATED.json ├── HALL_OF_FAILS.md ├── LICENSE ├── Makefile ├── README.md ├── assets ├── mamip_twitter.png ├── schema.drawio.svg └── watching.gif ├── automation ├── Dockerfile ├── requirements.txt ├── runbook-dev.sh ├── runbook-prod.sh ├── script-fargate.sh ├── tf-fargate │ ├── cloudwatch.tf │ ├── ecr.tf │ ├── ecs.tf │ ├── iam.tf │ ├── main.tf │ ├── output.tf │ ├── tasks │ │ └── container_definition.json.tpl │ └── variables.tf ├── validate-batch.py └── validate.py ├── findings ├── AIOpsAssistantPolicy.json ├── AWSBatchFullAccess.json ├── AWSCodePipeline_FullAccess.json ├── AWSCodePipeline_ReadOnlyAccess.json ├── AWSDeepLensLambdaFunctionAccessPolicy.json ├── AWSDeepRacerFullAccess.json ├── AWSElasticBeanstalkCustomPlatformforEC2Role.json ├── AWSElasticBeanstalkRoleCore.json ├── AWSElasticBeanstalkService.json ├── AWSElasticBeanstalkWebTier.json ├── AWSElasticBeanstalkWorkerTier.json ├── AWSElasticDisasterRecoveryConsoleFullAccess_v2.json ├── AWSGlueConsoleFullAccess.json ├── AWSMarketplaceFullAccess.json ├── AWSMigrationHubOrchestratorConsoleFullAccess.json ├── AWSMigrationHubOrchestratorServiceRolePolicy.json ├── AWSOrganizationsFullAccess.json ├── AWSOrganizationsServiceTrustPolicy.json ├── AWSProtonCodeBuildProvisioningServiceRolePolicy.json ├── AWSResourceExplorerServiceRolePolicy.json ├── AWSServiceRoleForAmazonEKSNodegroup.json ├── AWSServiceRoleForSMS.json ├── AdministratorAccess-Amplify.json ├── AdministratorAccess.json ├── AlexaForBusinessFullAccess.json ├── AmazonAppStreamServiceAccess.json ├── AmazonCodeGuruReviewerServiceRolePolicy.json ├── AmazonConnectServiceLinkedRolePolicy.json ├── AmazonDataZoneEnvironmentRolePermissionsBoundary.json ├── AmazonDataZoneGlueManageAccessRolePolicy.json ├── AmazonDataZoneSageMakerEnvironmentRolePermissionsBoundary.json ├── AmazonDynamoDBFullAccesswithDataPipeline.json ├── AmazonEKSConnectorServiceRolePolicy.json ├── AmazonElasticMapReduceFullAccess.json ├── AmazonElasticMapReduceRole.json ├── AmazonLaunchWizardFullAccessV2.json ├── AmazonRDSCustomPreviewServiceRolePolicy.json ├── AmazonRDSCustomServiceRolePolicy.json ├── AmazonRedshiftAllCommandsFullAccess.json ├── AmazonRedshiftServiceLinkedRolePolicy.json ├── AmazonSageMakerCanvasFullAccess.json ├── AmazonSageMakerFullAccess.json ├── AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy.json ├── AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy.json ├── AmazonSecurityLakeAdministrator.json ├── AmazonSecurityLakeMetastoreManager.json ├── DataScientist.json ├── FMSServiceRolePolicy.json ├── IAMFullAccess.json ├── MemoryDBServiceRolePolicy.json ├── NeptuneConsoleFullAccess.json ├── PowerUserAccess.json ├── README.md ├── S3UnlockBucketPolicy.json ├── SQSUnlockQueuePolicy.json ├── SageMakerStudioProjectProvisioningRolePolicy.json ├── SageMakerStudioProjectRoleMachineLearningPolicy.json ├── SageMakerStudioProjectUserRolePermissionsBoundary.json ├── SecurityAudit.json ├── SecurityLakeResourceManagementServiceRolePolicy.json ├── SupportUser.json ├── SystemAdministrator.json ├── ViewOnlyAccess.json └── fails.txt ├── policies-list.json └── policies ├── AIOpsAssistantPolicy ├── AIOpsConsoleAdminPolicy ├── AIOpsOperatorAccess ├── AIOpsReadOnlyAccess ├── APIGatewayServiceRolePolicy ├── AWS-SSM-Automation-DiagnosisBucketPolicy ├── AWS-SSM-DiagnosisAutomation-AdministrationRolePolicy ├── AWS-SSM-DiagnosisAutomation-ExecutionRolePolicy ├── AWS-SSM-DiagnosisAutomation-OperationalAccountAdministrationRolePolicy ├── AWS-SSM-RemediationAutomation-AdministrationRolePolicy ├── AWS-SSM-RemediationAutomation-ExecutionRolePolicy ├── AWS-SSM-RemediationAutomation-OperationalAccountAdministrationRolePolicy ├── AWSAccountActivityAccess ├── AWSAccountManagementFullAccess ├── AWSAccountManagementReadOnlyAccess ├── AWSAccountUsageReportAccess ├── AWSAgentlessDiscoveryService ├── AWSAppFabricFullAccess ├── AWSAppFabricReadOnlyAccess ├── AWSAppFabricServiceRolePolicy ├── AWSAppMeshEnvoyAccess ├── AWSAppMeshFullAccess ├── AWSAppMeshPreviewEnvoyAccess ├── AWSAppMeshPreviewServiceRolePolicy ├── AWSAppMeshReadOnly ├── AWSAppMeshServiceRolePolicy ├── AWSAppRunnerFullAccess ├── AWSAppRunnerReadOnlyAccess ├── AWSAppRunnerServicePolicyForECRAccess ├── AWSAppSyncAdministrator ├── AWSAppSyncInvokeFullAccess ├── AWSAppSyncPushToCloudWatchLogs ├── AWSAppSyncSchemaAuthor ├── AWSAppSyncServiceRolePolicy ├── AWSApplicationAutoScalingCustomResourcePolicy ├── AWSApplicationAutoscalingAppStreamFleetPolicy ├── AWSApplicationAutoscalingCassandraTablePolicy ├── AWSApplicationAutoscalingComprehendEndpointPolicy ├── AWSApplicationAutoscalingDynamoDBTablePolicy ├── AWSApplicationAutoscalingEC2SpotFleetRequestPolicy ├── AWSApplicationAutoscalingECSServicePolicy ├── AWSApplicationAutoscalingEMRInstanceGroupPolicy ├── AWSApplicationAutoscalingElastiCacheRGPolicy ├── AWSApplicationAutoscalingKafkaClusterPolicy ├── AWSApplicationAutoscalingLambdaConcurrencyPolicy ├── AWSApplicationAutoscalingNeptuneClusterPolicy ├── AWSApplicationAutoscalingRDSClusterPolicy ├── AWSApplicationAutoscalingSageMakerEndpointPolicy ├── AWSApplicationAutoscalingWorkSpacesPoolPolicy ├── AWSApplicationDiscoveryAgentAccess ├── AWSApplicationDiscoveryAgentlessCollectorAccess ├── AWSApplicationDiscoveryServiceFullAccess ├── AWSApplicationMigrationAgentInstallationPolicy ├── AWSApplicationMigrationAgentPolicy ├── AWSApplicationMigrationAgentPolicy_v2 ├── AWSApplicationMigrationConversionServerPolicy ├── AWSApplicationMigrationEC2Access ├── AWSApplicationMigrationFullAccess ├── AWSApplicationMigrationMGHAccess ├── AWSApplicationMigrationReadOnlyAccess ├── AWSApplicationMigrationReplicationServerPolicy ├── AWSApplicationMigrationSSMAccess ├── AWSApplicationMigrationServiceEc2InstancePolicy ├── AWSApplicationMigrationServiceRolePolicy ├── AWSApplicationMigrationVCenterClientPolicy ├── AWSArtifactAccountSync ├── AWSArtifactAgreementsFullAccess ├── AWSArtifactAgreementsReadOnlyAccess ├── AWSArtifactReportsReadOnlyAccess ├── AWSArtifactServiceRolePolicy ├── AWSAuditManagerAdministratorAccess ├── AWSAuditManagerServiceRolePolicy ├── AWSAutoScalingPlansEC2AutoScalingPolicy ├── AWSB9InternalServicePolicy ├── AWSBCMDataExportsServiceRolePolicy ├── AWSBackupAdminPolicy ├── AWSBackupAuditAccess ├── AWSBackupDataTransferAccess ├── AWSBackupFullAccess ├── AWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync ├── AWSBackupOperatorAccess ├── AWSBackupOperatorPolicy ├── AWSBackupOrganizationAdminAccess ├── AWSBackupRestoreAccessForSAPHANA ├── AWSBackupSearchOperatorAccess ├── AWSBackupServiceLinkedRolePolicyForBackup ├── AWSBackupServiceLinkedRolePolicyForBackupTest ├── AWSBackupServiceRolePolicyForBackup ├── AWSBackupServiceRolePolicyForIndexing ├── AWSBackupServiceRolePolicyForItemRestores ├── AWSBackupServiceRolePolicyForRestores ├── AWSBackupServiceRolePolicyForS3Backup ├── AWSBackupServiceRolePolicyForS3Restore ├── AWSBatchFullAccess ├── AWSBatchServiceEventTargetRole ├── AWSBatchServiceRole ├── AWSBillingConductorFullAccess ├── AWSBillingConductorReadOnlyAccess ├── AWSBillingReadOnlyAccess ├── AWSBudgetsActionsRolePolicyForResourceAdministrationWithSSM ├── AWSBudgetsActionsWithAWSResourceControlAccess ├── AWSBudgetsActions_RolePolicyForResourceAdministrationWithSSM ├── AWSBudgetsReadOnlyAccess ├── AWSBugBustFullAccess ├── AWSBugBustPlayerAccess ├── AWSBugBustServiceRolePolicy ├── AWSCertificateManagerFullAccess ├── AWSCertificateManagerPrivateCAAuditor ├── AWSCertificateManagerPrivateCAFullAccess ├── AWSCertificateManagerPrivateCAPrivilegedUser ├── AWSCertificateManagerPrivateCAReadOnly ├── AWSCertificateManagerPrivateCAUser ├── AWSCertificateManagerReadOnly ├── AWSChatbotServiceLinkedRolePolicy ├── AWSCleanRoomsFullAccess ├── AWSCleanRoomsFullAccessNoQuerying ├── AWSCleanRoomsMLFullAccess ├── AWSCleanRoomsMLReadOnlyAccess ├── AWSCleanRoomsReadOnlyAccess ├── AWSCloud9Administrator ├── AWSCloud9EnvironmentMember ├── AWSCloud9SSMInstanceProfile ├── AWSCloud9ServiceRolePolicy ├── AWSCloud9User ├── AWSCloudFormationFullAccess ├── AWSCloudFormationReadOnlyAccess ├── AWSCloudFrontLogger ├── AWSCloudFrontVPCOriginServiceRolePolicy ├── AWSCloudHSMFullAccess ├── AWSCloudHSMReadOnlyAccess ├── AWSCloudHSMRole ├── AWSCloudMapDiscoverInstanceAccess ├── AWSCloudMapFullAccess ├── AWSCloudMapReadOnlyAccess ├── AWSCloudMapRegisterInstanceAccess ├── AWSCloudShellFullAccess ├── AWSCloudTrailFullAccess ├── AWSCloudTrailReadOnlyAccess ├── AWSCloudTrail_FullAccess ├── AWSCloudTrail_ReadOnlyAccess ├── AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy ├── AWSCodeArtifactAdminAccess ├── AWSCodeArtifactReadOnlyAccess ├── AWSCodeArtifactReadOnlyAccess.json ├── AWSCodeBuildAdminAccess ├── AWSCodeBuildDeveloperAccess ├── AWSCodeBuildReadOnlyAccess ├── AWSCodeCommitFullAccess ├── AWSCodeCommitPowerUser ├── AWSCodeCommitReadOnly ├── AWSCodeDeployDeployerAccess ├── AWSCodeDeployFullAccess ├── AWSCodeDeployReadOnlyAccess ├── AWSCodeDeployRole ├── AWSCodeDeployRoleForCloudFormation ├── AWSCodeDeployRoleForECS ├── AWSCodeDeployRoleForECSLimited ├── AWSCodeDeployRoleForLambda ├── AWSCodeDeployRoleForLambdaLimited ├── AWSCodePipelineApproverAccess ├── AWSCodePipelineCustomActionAccess ├── AWSCodePipelineFullAccess ├── AWSCodePipelineReadOnlyAccess ├── AWSCodePipeline_FullAccess ├── AWSCodePipeline_ReadOnlyAccess ├── AWSCodeStarFullAccess ├── AWSCodeStarNotificationsServiceRolePolicy ├── AWSCodeStarServiceRole ├── AWSCompromisedKeyQuarantine ├── AWSCompromisedKeyQuarantineV2 ├── AWSCompromisedKeyQuarantineV3 ├── AWSConfigMultiAccountSetupPolicy ├── AWSConfigRemediationServiceRolePolicy ├── AWSConfigRole ├── AWSConfigRoleForOrganizations ├── AWSConfigRulesExecutionRole ├── AWSConfigServiceRolePolicy ├── AWSConfigUserAccess ├── AWSConnector ├── AWSControlTowerAccountServiceRolePolicy ├── AWSControlTowerServiceRolePolicy ├── AWSCostAndUsageReportAutomationPolicy ├── AWSDMSFleetAdvisorServiceRolePolicy ├── AWSDMSServerlessServiceRolePolicy ├── AWSDataExchangeDataGrantOwnerFullAccess ├── AWSDataExchangeDataGrantReceiverFullAccess ├── AWSDataExchangeFullAccess ├── AWSDataExchangeProviderFullAccess ├── AWSDataExchangeReadOnly ├── AWSDataExchangeServiceRolePolicyForLicenseManagement ├── AWSDataExchangeServiceRolePolicyForOrganizationDiscovery ├── AWSDataExchangeSubscriberFullAccess ├── AWSDataLifecycleManagerSSMFullAccess ├── AWSDataLifecycleManagerServiceRole ├── AWSDataLifecycleManagerServiceRoleForAMIManagement ├── AWSDataPipelineRole ├── AWSDataPipeline_FullAccess ├── AWSDataPipeline_PowerUser ├── AWSDataSyncDiscoveryServiceRolePolicy ├── AWSDataSyncFullAccess ├── AWSDataSyncReadOnlyAccess ├── AWSDataSyncServiceRolePolicy ├── AWSDeadlineCloud-FleetWorker ├── AWSDeadlineCloud-UserAccessFarms ├── AWSDeadlineCloud-UserAccessFleets ├── AWSDeadlineCloud-UserAccessJobs ├── AWSDeadlineCloud-UserAccessQueues ├── AWSDeadlineCloud-WorkerHost ├── AWSDeepLensLambdaFunctionAccessPolicy ├── AWSDeepLensServiceRolePolicy ├── AWSDeepRacerAccountAdminAccess ├── AWSDeepRacerCloudFormationAccessPolicy ├── AWSDeepRacerDefaultMultiUserAccess ├── AWSDeepRacerFullAccess ├── AWSDeepRacerRoboMakerAccessPolicy ├── AWSDeepRacerServiceRolePolicy ├── AWSDenyAll ├── AWSDeviceFarmFullAccess ├── AWSDeviceFarmServiceRolePolicy ├── AWSDeviceFarmTestGridServiceRolePolicy ├── AWSDirectConnectFullAccess ├── AWSDirectConnectReadOnlyAccess ├── AWSDirectConnectServiceRolePolicy ├── AWSDirectoryServiceDataFullAccess ├── AWSDirectoryServiceDataReadOnlyAccess ├── AWSDirectoryServiceFullAccess ├── AWSDirectoryServiceReadOnlyAccess ├── AWSDiscoveryContinuousExportFirehosePolicy ├── AWSEC2CapacityReservationFleetRolePolicy ├── AWSEC2FleetServiceRolePolicy ├── AWSEC2SpotFleetServiceRolePolicy ├── AWSEC2SpotServiceRolePolicy ├── AWSEC2VssSnapshotPolicy ├── AWSECRPullThroughCacheServiceRolePolicy ├── AWSECRPullThroughCache_ServiceRolePolicy ├── AWSElasticBeanstalkCustomPlatformforEC2Role ├── AWSElasticBeanstalkEnhancedHealth ├── AWSElasticBeanstalkFullAccess ├── AWSElasticBeanstalkMaintenance ├── AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy ├── AWSElasticBeanstalkManagedUpdatesServiceRolePolicy ├── AWSElasticBeanstalkMulticontainerDocker ├── AWSElasticBeanstalkReadOnly ├── AWSElasticBeanstalkReadOnlyAccess ├── AWSElasticBeanstalkRoleCWL ├── AWSElasticBeanstalkRoleCore ├── AWSElasticBeanstalkRoleECS ├── AWSElasticBeanstalkRoleRDS ├── AWSElasticBeanstalkRoleSNS ├── AWSElasticBeanstalkRoleWorkerTier ├── AWSElasticBeanstalkService ├── AWSElasticBeanstalkServiceRolePolicy ├── AWSElasticBeanstalkWebTier ├── AWSElasticBeanstalkWorkerTier ├── AWSElasticDisasterRecoveryAgentInstallationPolicy ├── AWSElasticDisasterRecoveryAgentPolicy ├── AWSElasticDisasterRecoveryConsoleFullAccess ├── AWSElasticDisasterRecoveryConsoleFullAccess_v2 ├── AWSElasticDisasterRecoveryConversionServerPolicy ├── AWSElasticDisasterRecoveryCrossAccountReplicationPolicy ├── AWSElasticDisasterRecoveryEc2InstancePolicy ├── AWSElasticDisasterRecoveryFailbackInstallationPolicy ├── AWSElasticDisasterRecoveryFailbackPolicy ├── AWSElasticDisasterRecoveryLaunchActionsPolicy ├── AWSElasticDisasterRecoveryNetworkReplicationPolicy ├── AWSElasticDisasterRecoveryReadOnlyAccess ├── AWSElasticDisasterRecoveryRecoveryInstancePolicy ├── AWSElasticDisasterRecoveryReplicationServerPolicy ├── AWSElasticDisasterRecoveryServiceRolePolicy ├── AWSElasticDisasterRecoveryStagingAccountPolicy ├── AWSElasticDisasterRecoveryStagingAccountPolicy_v2 ├── AWSElasticLoadBalancingClassicServiceRolePolicy ├── AWSElasticLoadBalancingServiceRolePolicy ├── AWSElementalMediaConnectFullAccess ├── AWSElementalMediaConnectReadOnlyAccess ├── AWSElementalMediaConvertFullAccess ├── AWSElementalMediaConvertReadOnly ├── AWSElementalMediaLiveFullAccess ├── AWSElementalMediaLiveReadOnly ├── AWSElementalMediaPackageFullAccess ├── AWSElementalMediaPackageReadOnly ├── AWSElementalMediaPackageV2FullAccess ├── AWSElementalMediaPackageV2ReadOnly ├── AWSElementalMediaStoreFullAccess ├── AWSElementalMediaStoreReadOnly ├── AWSElementalMediaTailorFullAccess ├── AWSElementalMediaTailorReadOnly ├── AWSEnhancedClassicNetworkingMangementPolicy ├── AWSEntityResolutionConsoleFullAccess ├── AWSEntityResolutionConsoleReadOnlyAccess ├── AWSFMAdminFullAccess ├── AWSFMAdminReadOnlyAccess ├── AWSFMMemberReadOnlyAccess ├── AWSFaultInjectionSimulatorEC2Access ├── AWSFaultInjectionSimulatorECSAccess ├── AWSFaultInjectionSimulatorEKSAccess ├── AWSFaultInjectionSimulatorNetworkAccess ├── AWSFaultInjectionSimulatorRDSAccess ├── AWSFaultInjectionSimulatorSSMAccess ├── AWSFinSpaceServiceRolePolicy ├── AWSForWordPressPluginPolicy ├── AWSGitSyncServiceRolePolicy ├── AWSGlobalAcceleratorSLRPolicy ├── AWSGlueConsoleFullAccess ├── AWSGlueConsoleSageMakerNotebookFullAccess ├── AWSGlueDataBrewServiceRole ├── AWSGlueSchemaRegistryFullAccess ├── AWSGlueSchemaRegistryReadonlyAccess ├── AWSGlueServiceNotebookRole ├── AWSGlueServiceRole ├── AWSGrafanaAccountAdministrator ├── AWSGrafanaConsoleReadOnlyAccess ├── AWSGrafanaWorkspacePermissionManagement ├── AWSGrafanaWorkspacePermissionManagementV2 ├── AWSGreengrassFullAccess ├── AWSGreengrassReadOnlyAccess ├── AWSGreengrassResourceAccessRolePolicy ├── AWSGroundStationAgentInstancePolicy ├── AWSHealthFullAccess ├── AWSHealthImagingFullAccess ├── AWSHealthImagingReadOnlyAccess ├── AWSHealth_EventProcessorServiceRolePolicy ├── AWSIAMIdentityCenterAllowListForIdentityContext ├── AWSIPAMServiceRolePolicy ├── AWSIQContractServiceRolePolicy ├── AWSIQFullAccess ├── AWSIQPermissionServiceRolePolicy ├── AWSIdentitySyncFullAccess ├── AWSIdentitySyncReadOnlyAccess ├── AWSImageBuilderFullAccess ├── AWSImageBuilderReadOnlyAccess ├── AWSImportExportFullAccess ├── AWSImportExportReadOnlyAccess ├── AWSIncidentManagerIncidentAccessServiceRolePolicy ├── AWSIncidentManagerResolverAccess ├── AWSIncidentManagerServiceRolePolicy ├── AWSIoT1ClickFullAccess ├── AWSIoT1ClickReadOnlyAccess ├── AWSIoTAnalyticsFullAccess ├── AWSIoTAnalyticsReadOnlyAccess ├── AWSIoTConfigAccess ├── AWSIoTConfigReadOnlyAccess ├── AWSIoTDataAccess ├── AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction ├── AWSIoTDeviceDefenderAudit ├── AWSIoTDeviceDefenderEnableIoTLoggingMitigationAction ├── AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction ├── AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction ├── AWSIoTDeviceDefenderUpdateCACertMitigationAction ├── AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction ├── AWSIoTDeviceTesterForFreeRTOSFullAccess ├── AWSIoTDeviceTesterForGreengrassFullAccess ├── AWSIoTEventsFullAccess ├── AWSIoTEventsReadOnlyAccess ├── AWSIoTFleetHubFederationAccess ├── AWSIoTFleetwiseServiceRolePolicy ├── AWSIoTFullAccess ├── AWSIoTLogging ├── AWSIoTManagedIntegrationsFullAccess ├── AWSIoTManagedIntegrationsRolePolicy ├── AWSIoTOTAUpdate ├── AWSIoTRuleActions ├── AWSIoTSiteWiseConsoleFullAccess ├── AWSIoTSiteWiseFullAccess ├── AWSIoTSiteWiseMonitorPortalAccess ├── AWSIoTSiteWiseMonitorServiceRolePolicy ├── AWSIoTSiteWiseReadOnlyAccess ├── AWSIoTThingsRegistration ├── AWSIoTTwinMakerServiceRolePolicy ├── AWSIoTWirelessDataAccess ├── AWSIoTWirelessFullAccess ├── AWSIoTWirelessFullPublishAccess ├── AWSIoTWirelessGatewayCertManager ├── AWSIoTWirelessLogging ├── AWSIoTWirelessReadOnlyAccess ├── AWSIotRoboRunnerFullAccess ├── AWSIotRoboRunnerReadOnly ├── AWSIotRoboRunnerServiceRolePolicy ├── AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy ├── AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy ├── AWSKeyManagementServicePowerUser ├── AWSLakeFormationCrossAccountManager ├── AWSLakeFormationDataAdmin ├── AWSLambdaBasicExecutionRole ├── AWSLambdaDynamoDBExecutionRole ├── AWSLambdaENIManagementAccess ├── AWSLambdaExecute ├── AWSLambdaFullAccess ├── AWSLambdaInvocation-DynamoDB ├── AWSLambdaKinesisExecutionRole ├── AWSLambdaMSKExecutionRole ├── AWSLambdaReadOnlyAccess ├── AWSLambdaReplicator ├── AWSLambdaReplicatorInternal ├── AWSLambdaRole ├── AWSLambdaSQSQueueExecutionRole ├── AWSLambdaVPCAccessExecutionRole ├── AWSLambda_FullAccess ├── AWSLambda_ReadOnlyAccess ├── AWSLicenseManagerConsumptionPolicy ├── AWSLicenseManagerLinuxSubscriptionsServiceRolePolicy ├── AWSLicenseManagerMasterAccountRolePolicy ├── AWSLicenseManagerMemberAccountRolePolicy ├── AWSLicenseManagerServiceRolePolicy ├── AWSLicenseManagerUserSubscriptionsServiceRolePolicy ├── AWSM2ServicePolicy ├── AWSMSKReplicatorExecutionRole ├── AWSManagedServicesDeploymentToolkitPolicy ├── AWSManagedServices_ContactsServiceRolePolicy ├── AWSManagedServices_DetectiveControlsConfig_ServiceRolePolicy ├── AWSManagedServices_EventsServiceRolePolicy ├── AWSManagedServices_SelfServiceReporting_ServiceRolePolicy ├── AWSMarketplaceAmiIngestion ├── AWSMarketplaceDeploymentServiceRolePolicy ├── AWSMarketplaceFullAccess ├── AWSMarketplaceGetEntitlements ├── AWSMarketplaceImageBuildFullAccess ├── AWSMarketplaceLicenseManagementServiceRolePolicy ├── AWSMarketplaceManageSubscriptions ├── AWSMarketplaceMeteringFullAccess ├── AWSMarketplaceMeteringRegisterUsage ├── AWSMarketplaceProcurementSystemAdminFullAccess ├── AWSMarketplacePurchaseOrdersServiceRolePolicy ├── AWSMarketplaceRead-only ├── AWSMarketplaceResaleAuthorizationServiceRolePolicy ├── AWSMarketplaceSellerFullAccess ├── AWSMarketplaceSellerOfferManagement ├── AWSMarketplaceSellerProductsFullAccess ├── AWSMarketplaceSellerProductsReadOnly ├── AWSMediaConnectServicePolicy ├── AWSMediaLiveAnywhereServiceRolePolicy ├── AWSMediaTailorServiceRolePolicy ├── AWSMigrationHubDMSAccess ├── AWSMigrationHubDiscoveryAccess ├── AWSMigrationHubFullAccess ├── AWSMigrationHubOrchestratorConsoleFullAccess ├── AWSMigrationHubOrchestratorInstanceRolePolicy ├── AWSMigrationHubOrchestratorPlugin ├── AWSMigrationHubOrchestratorServiceRolePolicy ├── AWSMigrationHubRefactorSpaces-EnvironmentsWithoutBridgesFullAccess ├── AWSMigrationHubRefactorSpaces-SSMAutomationPolicy ├── AWSMigrationHubRefactorSpacesFullAccess ├── AWSMigrationHubRefactorSpacesServiceRolePolicy ├── AWSMigrationHubSMSAccess ├── AWSMigrationHubStrategyCollector ├── AWSMigrationHubStrategyConsoleFullAccess ├── AWSMigrationHubStrategyServiceRolePolicy ├── AWSMobileHub_FullAccess ├── AWSMobileHub_ReadOnly ├── AWSNetworkFirewallServiceRolePolicy ├── AWSNetworkManagerCloudWANServiceRolePolicy ├── AWSNetworkManagerFullAccess ├── AWSNetworkManagerReadOnlyAccess ├── AWSNetworkManagerServiceRolePolicy ├── AWSObservabilityAdminServiceRolePolicy ├── AWSOpsWorksCMInstanceProfileRole ├── AWSOpsWorksCMServiceRole ├── AWSOpsWorksCloudWatchLogs ├── AWSOpsWorksFullAccess ├── AWSOpsWorksInstanceRegistration ├── AWSOpsWorksRegisterCLI ├── AWSOpsWorksRegisterCLI_EC2 ├── AWSOpsWorksRegisterCLI_OnPremises ├── AWSOpsWorksRole ├── AWSOpsWorks_FullAccess ├── AWSOrganizationsFullAccess ├── AWSOrganizationsReadOnlyAccess ├── AWSOrganizationsServiceTrustPolicy ├── AWSOutpostsAuthorizeServerPolicy ├── AWSOutpostsServiceRolePolicy ├── AWSPCSServiceRolePolicy ├── AWSPanoramaApplianceRolePolicy ├── AWSPanoramaApplianceServiceRolePolicy ├── AWSPanoramaFullAccess ├── AWSPanoramaGreengrassGroupRolePolicy ├── AWSPanoramaSageMakerRolePolicy ├── AWSPanoramaServiceLinkedRolePolicy ├── AWSPanoramaServiceRolePolicy ├── AWSPartnerCentralFullAccess ├── AWSPartnerCentralOpportunityManagement ├── AWSPartnerCentralSandboxFullAccess ├── AWSPartnerCentralSellingResourceSnapshotJobExecutionRolePolicy ├── AWSPartnerLedSupportReadOnlyAccess ├── AWSPriceListServiceFullAccess ├── AWSPrivateCAAuditor ├── AWSPrivateCAConnectorForKubernetesPolicy ├── AWSPrivateCAFullAccess ├── AWSPrivateCAPrivilegedUser ├── AWSPrivateCAReadOnly ├── AWSPrivateCAUser ├── AWSPrivateMarketplaceAdminFullAccess ├── AWSPrivateMarketplaceRequests ├── AWSPrivateNetworksServiceRolePolicy ├── AWSProtonCodeBuildProvisioningBasicAccess ├── AWSProtonCodeBuildProvisioningServiceRolePolicy ├── AWSProtonDeveloperAccess ├── AWSProtonFullAccess ├── AWSProtonReadOnlyAccess ├── AWSProtonServiceGitSyncServiceRolePolicy ├── AWSProtonServiceSyncServiceRolePolicy ├── AWSProtonSyncServiceRolePolicy ├── AWSPurchaseOrdersServiceRolePolicy ├── AWSQuickSetupCFGCPacksPermissionsBoundary ├── AWSQuickSetupDeploymentRolePolicy ├── AWSQuickSetupDevOpsGuruPermissionsBoundary ├── AWSQuickSetupDistributorPermissionsBoundary ├── AWSQuickSetupEnableAREXExecutionPolicy ├── AWSQuickSetupEnableDHMCExecutionPolicy ├── AWSQuickSetupJITNADeploymentRolePolicy ├── AWSQuickSetupManageJITNAResourcesExecutionPolicy ├── AWSQuickSetupManagedInstanceProfileExecutionPolicy ├── AWSQuickSetupPatchPolicyBaselineAccess ├── AWSQuickSetupPatchPolicyDeploymentRolePolicy ├── AWSQuickSetupPatchPolicyPermissionsBoundary ├── AWSQuickSetupSSMDeploymentRolePolicy ├── AWSQuickSetupSSMDeploymentS3BucketRolePolicy ├── AWSQuickSetupSSMHostMgmtPermissionsBoundary ├── AWSQuickSetupSSMLifecycleManagementExecutionPolicy ├── AWSQuickSetupSSMManageResourcesExecutionPolicy ├── AWSQuickSetupSchedulerPermissionsBoundary ├── AWSQuickSightAssetBundleExportPolicy ├── AWSQuickSightAssetBundleImportPolicy ├── AWSQuickSightDescribeRDS ├── AWSQuickSightDescribeRedshift ├── AWSQuickSightElasticsearchPolicy ├── AWSQuickSightIoTAnalyticsAccess ├── AWSQuickSightListIAM ├── AWSQuickSightSageMakerPolicy ├── AWSQuickSightSecretsManagerWriteAccess ├── AWSQuickSightSecretsManagerWritePolicy ├── AWSQuickSightTimestreamPolicy ├── AWSQuicksightAthenaAccess ├── AWSQuicksightOpenSearchPolicy ├── AWSReachabilityAnalyzerServiceRolePolicy ├── AWSRefactoringToolkitFullAccess ├── AWSRefactoringToolkitSidecarPolicy ├── AWSRepostSpaceSupportOperationsPolicy ├── AWSResilienceHubAsssessmentExecutionPolicy ├── AWSResourceAccessManagerFullAccess ├── AWSResourceAccessManagerReadOnlyAccess ├── AWSResourceAccessManagerResourceShareParticipantAccess ├── AWSResourceAccessManagerServiceRolePolicy ├── AWSResourceExplorerFullAccess ├── AWSResourceExplorerOrganizationsAccess ├── AWSResourceExplorerReadOnlyAccess ├── AWSResourceExplorerServiceRolePolicy ├── AWSResourceGroupsReadOnlyAccess ├── AWSRoboMakerFullAccess ├── AWSRoboMakerReadOnlyAccess ├── AWSRoboMakerServicePolicy ├── AWSRoboMakerServiceRolePolicy ├── AWSRoboMaker_FullAccess ├── AWSRolesAnywhereServicePolicy ├── AWSS3OnOutpostsServiceRolePolicy ├── AWSSSMForSAPServiceLinkedRolePolicy ├── AWSSSMOpsInsightsServiceRolePolicy ├── AWSSSODirectoryAdministrator ├── AWSSSODirectoryReadOnly ├── AWSSSOMasterAccountAdministrator ├── AWSSSOMemberAccountAdministrator ├── AWSSSOReadOnly ├── AWSSSOServiceRolePolicy ├── AWSSavingsPlansFullAccess ├── AWSSavingsPlansReadOnlyAccess ├── AWSSchemasServiceRolePolicy ├── AWSSecurityHubFullAccess ├── AWSSecurityHubOrganizationsAccess ├── AWSSecurityHubReadOnlyAccess ├── AWSSecurityHubServiceRolePolicy ├── AWSSecurityIncidentResponseCaseFullAccess ├── AWSSecurityIncidentResponseFullAccess ├── AWSSecurityIncidentResponseReadOnlyAccess ├── AWSSecurityIncidentResponseServiceRolePolicy ├── AWSSecurityIncidentResponseTriageServiceRolePolicy ├── AWSServiceCatalogAdminFullAccess ├── AWSServiceCatalogAdminReadOnlyAccess ├── AWSServiceCatalogAppRegistryFullAccess ├── AWSServiceCatalogAppRegistryReadOnlyAccess ├── AWSServiceCatalogAppRegistryServiceRolePolicy ├── AWSServiceCatalogEndUserFullAccess ├── AWSServiceCatalogEndUserReadOnlyAccess ├── AWSServiceCatalogOrgsDataSyncServiceRolePolicy ├── AWSServiceCatalogSyncServiceRolePolicy ├── AWSServiceRoleForAWSTransform ├── AWSServiceRoleForAmazonEKSNodegroup ├── AWSServiceRoleForAmazonQDeveloper ├── AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy ├── AWSServiceRoleForCloudWatchMetrics_DbPerfInsightsServiceRolePolicy ├── AWSServiceRoleForCodeGuru-Profiler ├── AWSServiceRoleForCodeGuruProfiler ├── AWSServiceRoleForCodeWhispererPolicy ├── AWSServiceRoleForEC2ScheduledInstances ├── AWSServiceRoleForGammaInternalAmazonEKSNodegroup ├── AWSServiceRoleForGroundStationDataflowEndpointGroupPolicy ├── AWSServiceRoleForImageBuilder ├── AWSServiceRoleForIoTSiteWise ├── AWSServiceRoleForLogDeliveryPolicy ├── AWSServiceRoleForMonitronPolicy ├── AWSServiceRoleForNeptuneGraphPolicy ├── AWSServiceRoleForPrivateMarketplaceAdminPolicy ├── AWSServiceRoleForProcurementInsightsPolicy ├── AWSServiceRoleForSMS ├── AWSServiceRoleForThorInternalDevPolicy ├── AWSServiceRoleForUserSubscriptions ├── AWSServiceRolePolicyForBackupReports ├── AWSServiceRolePolicyForBackupRestoreTesting ├── AWSShieldDRTAccessPolicy ├── AWSShieldServiceRolePolicy ├── AWSSocialMessagingServiceRolePolicy ├── AWSStepFunctionsConsoleFullAccess ├── AWSStepFunctionsFullAccess ├── AWSStepFunctionsReadOnlyAccess ├── AWSStorageGatewayFullAccess ├── AWSStorageGatewayReadOnlyAccess ├── AWSStorageGatewayServiceRolePolicy ├── AWSSupplyChainFederationAdminAccess ├── AWSSupportAccess ├── AWSSupportAppFullAccess ├── AWSSupportAppReadOnlyAccess ├── AWSSupportPlansFullAccess ├── AWSSupportPlansReadOnlyAccess ├── AWSSupportServiceRolePolicy ├── AWSSystemsManagerAccountDiscoveryServicePolicy ├── AWSSystemsManagerChangeManagementServicePolicy ├── AWSSystemsManagerEnableConfigRecordingExecutionPolicy ├── AWSSystemsManagerEnableExplorerExecutionPolicy ├── AWSSystemsManagerForSAPFullAccess ├── AWSSystemsManagerForSAPReadOnlyAccess ├── AWSSystemsManagerJustInTimeAccessServicePolicy ├── AWSSystemsManagerJustInTimeAccessTokenPolicy ├── AWSSystemsManagerJustInTimeAccessTokenSessionPolicy ├── AWSSystemsManagerJustInTimeNodeAccessRolePropagationPolicy ├── AWSSystemsManagerNotificationsServicePolicy ├── AWSSystemsManagerOpsDataSyncServiceRolePolicy ├── AWSThinkboxAWSPortalAdminPolicy ├── AWSThinkboxAWSPortalGatewayPolicy ├── AWSThinkboxAWSPortalWorkerPolicy ├── AWSThinkboxAssetServerPolicy ├── AWSThinkboxDeadlineResourceTrackerAccessPolicy ├── AWSThinkboxDeadlineResourceTrackerAdminPolicy ├── AWSThinkboxDeadlineSpotEventPluginAdminPolicy ├── AWSThinkboxDeadlineSpotEventPluginWorkerPolicy ├── AWSTransferConsoleFullAccess ├── AWSTransferFullAccess ├── AWSTransferLoggingAccess ├── AWSTransferReadOnlyAccess ├── AWSTrustedAdvisorPriorityFullAccess ├── AWSTrustedAdvisorPriorityReadOnlyAccess ├── AWSTrustedAdvisorReportingServiceRolePolicy ├── AWSTrustedAdvisorServiceRolePolicy ├── AWSUserNotificationsServiceLinkedRolePolicy ├── AWSVPCS2SVpnServiceRolePolicy ├── AWSVPCTransitGatewayServiceRolePolicy ├── AWSVPCVerifiedAccessServiceRolePolicy ├── AWSVendorInsightsAssessorFullAccess ├── AWSVendorInsightsAssessorReadOnly ├── AWSVendorInsightsVendorFullAccess ├── AWSVendorInsightsVendorReadOnly ├── AWSVpcLatticeServiceRolePolicy ├── AWSWAFConsoleFullAccess ├── AWSWAFConsoleReadOnlyAccess ├── AWSWAFFullAccess ├── AWSWAFReadOnlyAccess ├── AWSWellArchitectedDiscoveryServiceRolePolicy ├── AWSWellArchitectedOrganizationsServiceRolePolicy ├── AWSWickrFullAccess ├── AWSXRayDaemonWriteAccess ├── AWSXrayCrossAccountSharingConfiguration ├── AWSXrayFullAccess ├── AWSXrayReadOnlyAccess ├── AWSXrayWriteOnlyAccess ├── AWSZonalAutoshiftPracticeRunSLRPolicy ├── AWS_ConfigRole ├── AWS_Config_Role ├── AWSrePostPrivateCloudWatchAccess ├── AccessAnalyzerServiceRolePolicy ├── AdministratorAccess ├── AdministratorAccess-AWSElasticBeanstalk ├── AdministratorAccess-Amplify ├── AlexaForBusinessDeviceSetup ├── AlexaForBusinessFullAccess ├── AlexaForBusinessGatewayExecution ├── AlexaForBusinessLifesizeDelegatedAccessPolicy ├── AlexaForBusinessNetworkProfileServicePolicy ├── AlexaForBusinessPolyDelegatedAccessPolicy ├── AlexaForBusinessReadOnlyAccess ├── AmazonAPIGatewayAdministrator ├── AmazonAPIGatewayInvokeFullAccess ├── AmazonAPIGatewayPushToCloudWatchLogs ├── AmazonAppFlowFullAccess ├── AmazonAppFlowReadOnlyAccess ├── AmazonAppStreamFullAccess ├── AmazonAppStreamPCAAccess ├── AmazonAppStreamReadOnlyAccess ├── AmazonAppStreamServiceAccess ├── AmazonApplicationWizardFullaccess ├── AmazonAthenaFullAccess ├── AmazonAugmentedAIFullAccess ├── AmazonAugmentedAIHumanLoopFullAccess ├── AmazonAugmentedAIIntegratedAPIAccess ├── AmazonAuroraDSQLConsoleFullAccess ├── AmazonAuroraDSQLFullAccess ├── AmazonAuroraDSQLReadOnlyAccess ├── AmazonBedrockFullAccess ├── AmazonBedrockReadOnly ├── AmazonBedrockStudioPermissionsBoundary ├── AmazonBraketFullAccess ├── AmazonBraketJobsExecutionPolicy ├── AmazonBraketServiceRolePolicy ├── AmazonChimeFullAccess ├── AmazonChimeReadOnly ├── AmazonChimeSDK ├── AmazonChimeSDKMediaPipelinesServiceLinkedRolePolicy ├── AmazonChimeSDKMessagingServiceRolePolicy ├── AmazonChimeServiceRolePolicy ├── AmazonChimeTranscriptionServiceLinkedRolePolicy ├── AmazonChimeUserManagement ├── AmazonChimeVoiceConnectorServiceLinkedRolePolicy ├── AmazonCloudDirectoryFullAccess ├── AmazonCloudDirectoryReadOnlyAccess ├── AmazonCloudWatchEvidentlyFullAccess ├── AmazonCloudWatchEvidentlyReadOnlyAccess ├── AmazonCloudWatchEvidentlyServiceRolePolicy ├── AmazonCloudWatchRUMFullAccess ├── AmazonCloudWatchRUMReadOnlyAccess ├── AmazonCloudWatchRUMServiceRolePolicy ├── AmazonCodeCatalystFullAccess ├── AmazonCodeCatalystReadOnlyAccess ├── AmazonCodeCatalystSupportAccess ├── AmazonCodeGuruProfilerAgentAccess ├── AmazonCodeGuruProfilerFullAccess ├── AmazonCodeGuruProfilerReadOnlyAccess ├── AmazonCodeGuruReviewerFullAccess ├── AmazonCodeGuruReviewerReadOnlyAccess ├── AmazonCodeGuruReviewerServiceRolePolicy ├── AmazonCodeGuruSecurityFullAccess ├── AmazonCodeGuruSecurityScanAccess ├── AmazonCognitoDeveloperAuthenticatedIdentities ├── AmazonCognitoIdpEmailServiceRolePolicy ├── AmazonCognitoIdpServiceRolePolicy ├── AmazonCognitoPowerUser ├── AmazonCognitoReadOnly ├── AmazonCognitoUnAuthedIdentitiesSessionPolicy ├── AmazonCognitoUnauthenticatedIdentities ├── AmazonConnectCampaignsServiceLinkedRolePolicy ├── AmazonConnectFullAccess ├── AmazonConnectReadOnlyAccess ├── AmazonConnectServiceLinkedRolePolicy ├── AmazonConnectSynchronizationServiceRolePolicy ├── AmazonConnectVoiceIDFullAccess ├── AmazonConnect_FullAccess ├── AmazonDMSCloudWatchLogsRole ├── AmazonDMSRedshiftS3Role ├── AmazonDMSVPCManagementRole ├── AmazonDRSVPCManagement ├── AmazonDataZoneBedrockModelConsumptionPolicy ├── AmazonDataZoneBedrockModelManagementPolicy ├── AmazonDataZoneDomainExecutionRolePolicy ├── AmazonDataZoneEnvironmentRolePermissionsBoundary ├── AmazonDataZoneFullAccess ├── AmazonDataZoneFullUserAccess ├── AmazonDataZoneGlueManageAccessRolePolicy ├── AmazonDataZonePortalFullAccessPolicy ├── AmazonDataZonePreviewConsoleFullAccess ├── AmazonDataZoneProjectDeploymentPermissionsBoundary ├── AmazonDataZoneProjectRolePermissionsBoundary ├── AmazonDataZoneRedshiftGlueProvisioningPolicy ├── AmazonDataZoneRedshiftManageAccessRolePolicy ├── AmazonDataZoneSageMakerEnvironmentRolePermissionsBoundary ├── AmazonDataZoneSageMakerManageAccessRolePolicy ├── AmazonDataZoneSageMakerProvisioningRolePolicy ├── AmazonDetectiveFullAccess ├── AmazonDetectiveInvestigatorAccess ├── AmazonDetectiveMemberAccess ├── AmazonDetectiveOrganizationsAccess ├── AmazonDetectiveServiceLinkedRolePolicy ├── AmazonDevOpsGuruConsoleFullAccess ├── AmazonDevOpsGuruFullAccess ├── AmazonDevOpsGuruOrganizationsAccess ├── AmazonDevOpsGuruReadOnlyAccess ├── AmazonDevOpsGuruServiceRolePolicy ├── AmazonDocDB-ElasticServiceRolePolicy ├── AmazonDocDBConsoleFullAccess ├── AmazonDocDBElasticFullAccess ├── AmazonDocDBElasticReadOnlyAccess ├── AmazonDocDBFullAccess ├── AmazonDocDBReadOnlyAccess ├── AmazonDynamoDBFullAccess ├── AmazonDynamoDBFullAccess_v2 ├── AmazonDynamoDBFullAccesswithDataPipeline ├── AmazonDynamoDBReadOnlyAccess ├── AmazonEBSCSIDriverPolicy ├── AmazonEC2ContainerRegistryFullAccess ├── AmazonEC2ContainerRegistryPowerUser ├── AmazonEC2ContainerRegistryPullOnly ├── AmazonEC2ContainerRegistryReadOnly ├── AmazonEC2ContainerServiceAutoscaleRole ├── AmazonEC2ContainerServiceEventsRole ├── AmazonEC2ContainerServiceFullAccess ├── AmazonEC2ContainerServiceRole ├── AmazonEC2ContainerServiceforEC2Role ├── AmazonEC2FullAccess ├── AmazonEC2ReadOnlyAccess ├── AmazonEC2ReportsAccess ├── AmazonEC2RolePolicyForApplicationWizard ├── AmazonEC2RolePolicyForLaunchWizard ├── AmazonEC2RoleforAWSCodeDeploy ├── AmazonEC2RoleforAWSCodeDeployLimited ├── AmazonEC2RoleforDataPipelineRole ├── AmazonEC2RoleforSSM ├── AmazonEC2SpotFleetAutoscaleRole ├── AmazonEC2SpotFleetRole ├── AmazonEC2SpotFleetTaggingRole ├── AmazonECSComputeServiceRolePolicy ├── AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity ├── AmazonECSInfrastructureRolePolicyForVolumes ├── AmazonECSInfrastructureRolePolicyForVpcLattice ├── AmazonECSServiceRolePolicy ├── AmazonECSTaskExecutionRolePolicy ├── AmazonECS_FullAccess ├── AmazonEFSCSIDriverPolicy ├── AmazonEKSBlockStoragePolicy ├── AmazonEKSClusterPolicy ├── AmazonEKSComputePolicy ├── AmazonEKSConnectorServiceRolePolicy ├── AmazonEKSDashboardServiceRolePolicy ├── AmazonEKSFargatePodExecutionRolePolicy ├── AmazonEKSForFargateServiceRolePolicy ├── AmazonEKSLoadBalancingPolicy ├── AmazonEKSLocalOutpostClusterPolicy ├── AmazonEKSLocalOutpostServiceRolePolicy ├── AmazonEKSNetworkingPolicy ├── AmazonEKSServicePolicy ├── AmazonEKSServiceRolePolicy ├── AmazonEKSVPCResourceController ├── AmazonEKSWorkerNodeMinimalPolicy ├── AmazonEKSWorkerNodePolicy ├── AmazonEKS_CNI_Policy ├── AmazonEMRCleanupPolicy ├── AmazonEMRContainersServiceRolePolicy ├── AmazonEMRFullAccessPolicy_v2 ├── AmazonEMRReadOnlyAccessPolicy_v2 ├── AmazonEMRServerlessServiceRolePolicy ├── AmazonEMRServicePolicy_v2 ├── AmazonESCognitoAccess ├── AmazonESFullAccess ├── AmazonESReadOnlyAccess ├── AmazonEVSServiceRolePolicy ├── AmazonElastiCacheFullAccess ├── AmazonElastiCacheReadOnlyAccess ├── AmazonElasticContainerRegistryPublicFullAccess ├── AmazonElasticContainerRegistryPublicPowerUser ├── AmazonElasticContainerRegistryPublicReadOnly ├── AmazonElasticFileSystemClientFullAccess ├── AmazonElasticFileSystemClientReadOnlyAccess ├── AmazonElasticFileSystemClientReadWriteAccess ├── AmazonElasticFileSystemFullAccess ├── AmazonElasticFileSystemReadOnlyAccess ├── AmazonElasticFileSystemServiceRolePolicy ├── AmazonElasticFileSystemsUtils ├── AmazonElasticMapReduceEditorsRole ├── AmazonElasticMapReduceFullAccess ├── AmazonElasticMapReducePlacementGroupPolicy ├── AmazonElasticMapReduceReadOnlyAccess ├── AmazonElasticMapReduceRole ├── AmazonElasticMapReduceforAutoScalingRole ├── AmazonElasticMapReduceforEC2Role ├── AmazonElasticTranscoderRole ├── AmazonElasticTranscoder_FullAccess ├── AmazonElasticTranscoder_JobsSubmitter ├── AmazonElasticTranscoder_ReadOnlyAccess ├── AmazonElasticsearchServiceRolePolicy ├── AmazonEventBridgeApiDestinationsServiceRolePolicy ├── AmazonEventBridgeFullAccess ├── AmazonEventBridgePipesFullAccess ├── AmazonEventBridgePipesOperatorAccess ├── AmazonEventBridgePipesReadOnlyAccess ├── AmazonEventBridgeReadOnlyAccess ├── AmazonEventBridgeSchedulerFullAccess ├── AmazonEventBridgeSchedulerReadOnlyAccess ├── AmazonEventBridgeSchemasFullAccess ├── AmazonEventBridgeSchemasReadOnlyAccess ├── AmazonEventBridgeSchemasServiceRolePolicy ├── AmazonEverestServicePolicy ├── AmazonFISServiceRolePolicy ├── AmazonFSxConsoleFullAccess ├── AmazonFSxConsoleReadOnlyAccess ├── AmazonFSxFullAccess ├── AmazonFSxReadOnlyAccess ├── AmazonFSxServiceRolePolicy ├── AmazonForecastFullAccess ├── AmazonFraudDetectorFullAccessPolicy ├── AmazonFreeRTOSFullAccess ├── AmazonFreeRTOSOTAUpdate ├── AmazonGlacierFullAccess ├── AmazonGlacierReadOnlyAccess ├── AmazonGrafanaAthenaAccess ├── AmazonGrafanaCloudWatchAccess ├── AmazonGrafanaRedshiftAccess ├── AmazonGrafanaServiceLinkedRolePolicy ├── AmazonGuardDutyFullAccess ├── AmazonGuardDutyMalwareProtectionServiceRolePolicy ├── AmazonGuardDutyReadOnlyAccess ├── AmazonGuardDutyServiceRolePolicy ├── AmazonHealthLakeFullAccess ├── AmazonHealthLakeReadOnlyAccess ├── AmazonHoneycodeFullAccess ├── AmazonHoneycodeReadOnlyAccess ├── AmazonHoneycodeServiceRolePolicy ├── AmazonHoneycodeTeamAssociationFullAccess ├── AmazonHoneycodeTeamAssociationReadOnlyAccess ├── AmazonHoneycodeWorkbookFullAccess ├── AmazonHoneycodeWorkbookReadOnlyAccess ├── AmazonInspector2AgentlessServiceRolePolicy ├── AmazonInspector2FullAccess ├── AmazonInspector2ManagedCisPolicy ├── AmazonInspector2ReadOnlyAccess ├── AmazonInspector2ServiceRolePolicy ├── AmazonInspectorFullAccess ├── AmazonInspectorReadOnlyAccess ├── AmazonInspectorServiceRolePolicy ├── AmazonKendraFullAccess ├── AmazonKendraReadOnlyAccess ├── AmazonKeyspacesFullAccess ├── AmazonKeyspacesReadOnlyAccess ├── AmazonKeyspacesReadOnlyAccess_v2 ├── AmazonKinesisAnalyticsFullAccess ├── AmazonKinesisAnalyticsReadOnly ├── AmazonKinesisFirehoseFullAccess ├── AmazonKinesisFirehoseReadOnlyAccess ├── AmazonKinesisFullAccess ├── AmazonKinesisReadOnlyAccess ├── AmazonKinesisVideoStreamsFullAccess ├── AmazonKinesisVideoStreamsReadOnlyAccess ├── AmazonLambdaRolePolicyForLaunchWizardSAP ├── AmazonLaunchWizardFullAccessV2 ├── AmazonLaunchWizardFullaccess ├── AmazonLaunchWizard_Fullaccess ├── AmazonLexChannelsAccess ├── AmazonLexFullAccess ├── AmazonLexReadOnly ├── AmazonLexReplicationPolicy ├── AmazonLexRunBotsOnly ├── AmazonLexV2BotPolicy ├── AmazonLookoutEquipmentFullAccess ├── AmazonLookoutEquipmentReadOnlyAccess ├── AmazonLookoutMetricsFullAccess ├── AmazonLookoutMetricsReadOnlyAccess ├── AmazonLookoutVisionConsoleFullAccess ├── AmazonLookoutVisionConsoleReadOnlyAccess ├── AmazonLookoutVisionFullAccess ├── AmazonLookoutVisionReadOnlyAccess ├── AmazonMCSFullAccess ├── AmazonMCSReadOnlyAccess ├── AmazonMQApiFullAccess ├── AmazonMQApiReadOnlyAccess ├── AmazonMQFullAccess ├── AmazonMQReadOnlyAccess ├── AmazonMQServiceRolePolicy ├── AmazonMSKConnectReadOnlyAccess ├── AmazonMSKFullAccess ├── AmazonMSKReadOnlyAccess ├── AmazonMWAAServiceRolePolicy ├── AmazonMachineLearningBatchPredictionsAccess ├── AmazonMachineLearningCreateOnlyAccess ├── AmazonMachineLearningFullAccess ├── AmazonMachineLearningManageRealTimeEndpointOnlyAccess ├── AmazonMachineLearningReadOnlyAccess ├── AmazonMachineLearningRealTimePredictionOnlyAccess ├── AmazonMachineLearningRoleforRedshiftDataSource ├── AmazonMachineLearningRoleforRedshiftDataSourceV2 ├── AmazonMachineLearningRoleforRedshiftDataSourceV3 ├── AmazonMacieFullAccess ├── AmazonMacieHandshakeRole ├── AmazonMacieReadOnlyAccess ├── AmazonMacieServiceRole ├── AmazonMacieServiceRolePolicy ├── AmazonMacieSetupRole ├── AmazonManagedBlockchainConsoleFullAccess ├── AmazonManagedBlockchainFullAccess ├── AmazonManagedBlockchainReadOnlyAccess ├── AmazonManagedBlockchainServiceRolePolicy ├── AmazonMechanicalTurkCrowdFullAccess ├── AmazonMechanicalTurkCrowdReadOnlyAccess ├── AmazonMechanicalTurkFullAccess ├── AmazonMechanicalTurkReadOnly ├── AmazonMemoryDBFullAccess ├── AmazonMemoryDBReadOnlyAccess ├── AmazonMobileAnalyticsFinancialReportAccess ├── AmazonMobileAnalyticsFullAccess ├── AmazonMobileAnalyticsNon-financialReportAccess ├── AmazonMobileAnalyticsWriteOnlyAccess ├── AmazonMonitronFullAccess ├── AmazonNimbleStudio-LaunchProfileWorker ├── AmazonNimbleStudio-StudioAdmin ├── AmazonNimbleStudio-StudioUser ├── AmazonODBServiceRolePolicy ├── AmazonOmicsFullAccess ├── AmazonOmicsReadOnlyAccess ├── AmazonOneEnterpriseFullAccess ├── AmazonOneEnterpriseInstallerAccess ├── AmazonOneEnterpriseReadOnlyAccess ├── AmazonOpenSearchDashboardsServiceRolePolicy ├── AmazonOpenSearchDirectQueryGlueCreateAccess ├── AmazonOpenSearchIngestionFullAccess ├── AmazonOpenSearchIngestionReadOnlyAccess ├── AmazonOpenSearchIngestionServiceRolePolicy ├── AmazonOpenSearchServerlessServiceRolePolicy ├── AmazonOpenSearchServiceCognitoAccess ├── AmazonOpenSearchServiceFullAccess ├── AmazonOpenSearchServiceReadOnlyAccess ├── AmazonOpenSearchServiceRolePolicy ├── AmazonPersonalizeFullAccess ├── AmazonPollyFullAccess ├── AmazonPollyReadOnlyAccess ├── AmazonPrometheusConsoleFullAccess ├── AmazonPrometheusFullAccess ├── AmazonPrometheusQueryAccess ├── AmazonPrometheusRemoteWriteAccess ├── AmazonPrometheusScraperServiceRolePolicy ├── AmazonQDeveloperAccess ├── AmazonQFullAccess ├── AmazonQLDBConsoleFullAccess ├── AmazonQLDBFullAccess ├── AmazonQLDBReadOnly ├── AmazonRDSBetaServiceRolePolicy ├── AmazonRDSCustomInstanceProfileRolePolicy ├── AmazonRDSCustomPreviewServiceRolePolicy ├── AmazonRDSCustomServiceRolePolicy ├── AmazonRDSDataFullAccess ├── AmazonRDSDirectoryServiceAccess ├── AmazonRDSEnhancedMonitoringRole ├── AmazonRDSFullAccess ├── AmazonRDSPerformanceInsightsFullAccess ├── AmazonRDSPerformanceInsightsReadOnly ├── AmazonRDSPreviewServiceRolePolicy ├── AmazonRDSReadOnlyAccess ├── AmazonRDSServiceRolePolicy ├── AmazonRedshiftAllCommandsFullAccess ├── AmazonRedshiftDataFullAccess ├── AmazonRedshiftFullAccess ├── AmazonRedshiftQueryEditor ├── AmazonRedshiftQueryEditorV2FullAccess ├── AmazonRedshiftQueryEditorV2NoSharing ├── AmazonRedshiftQueryEditorV2ReadSharing ├── AmazonRedshiftQueryEditorV2ReadWriteSharing ├── AmazonRedshiftReadOnlyAccess ├── AmazonRedshiftServiceLinkedRolePolicy ├── AmazonRekognitionCustomLabelsFullAccess ├── AmazonRekognitionFullAccess ├── AmazonRekognitionReadOnlyAccess ├── AmazonRekognitionServiceRole ├── AmazonRoute53AutoNamingFullAccess ├── AmazonRoute53AutoNamingReadOnlyAccess ├── AmazonRoute53AutoNamingRegistrantAccess ├── AmazonRoute53DomainsFullAccess ├── AmazonRoute53DomainsReadOnlyAccess ├── AmazonRoute53FullAccess ├── AmazonRoute53ProfilesFullAccess ├── AmazonRoute53ProfilesReadOnlyAccess ├── AmazonRoute53ReadOnlyAccess ├── AmazonRoute53RecoveryClusterFullAccess ├── AmazonRoute53RecoveryClusterReadOnlyAccess ├── AmazonRoute53RecoveryControlConfigFullAccess ├── AmazonRoute53RecoveryControlConfigReadOnlyAccess ├── AmazonRoute53RecoveryReadinessFullAccess ├── AmazonRoute53RecoveryReadinessReadOnlyAccess ├── AmazonRoute53ResolverFullAccess ├── AmazonRoute53ResolverReadOnlyAccess ├── AmazonS3FullAccess ├── AmazonS3ObjectLambdaExecutionRolePolicy ├── AmazonS3OutpostsFullAccess ├── AmazonS3OutpostsReadOnlyAccess ├── AmazonS3ReadOnlyAccess ├── AmazonS3TablesFullAccess ├── AmazonS3TablesReadOnlyAccess ├── AmazonSESFullAccess ├── AmazonSESReadOnlyAccess ├── AmazonSESServiceRolePolicy ├── AmazonSNSFullAccess ├── AmazonSNSReadOnlyAccess ├── AmazonSNSRole ├── AmazonSQSFullAccess ├── AmazonSQSReadOnlyAccess ├── AmazonSSMAutomationApproverAccess ├── AmazonSSMAutomationRole ├── AmazonSSMDirectoryServiceAccess ├── AmazonSSMFullAccess ├── AmazonSSMMaintenanceWindowRole ├── AmazonSSMManagedEC2InstanceDefaultPolicy ├── AmazonSSMManagedInstanceCore ├── AmazonSSMPatchAssociation ├── AmazonSSMReadOnlyAccess ├── AmazonSSMServiceRolePolicy ├── AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy ├── AmazonSageMakerCanvasAIServicesAccess ├── AmazonSageMakerCanvasBedrockAccess ├── AmazonSageMakerCanvasDataPrepFullAccess ├── AmazonSageMakerCanvasDirectDeployAccess ├── AmazonSageMakerCanvasEMRServerlessExecutionRolePolicy ├── AmazonSageMakerCanvasForecastAccess ├── AmazonSageMakerCanvasFullAccess ├── AmazonSageMakerCanvasSMDataScienceAssistantAccess ├── AmazonSageMakerClusterInstanceRolePolicy ├── AmazonSageMakerCoreServiceRolePolicy ├── AmazonSageMakerEdgeDeviceFleetPolicy ├── AmazonSageMakerFeatureStoreAccess ├── AmazonSageMakerFullAccess ├── AmazonSageMakerGeospatialExecutionRole ├── AmazonSageMakerGeospatialFullAccess ├── AmazonSageMakerGroundTruthExecution ├── AmazonSageMakerHyperPodServiceRolePolicy ├── AmazonSageMakerMechanicalTurkAccess ├── AmazonSageMakerModelGovernanceUseAccess ├── AmazonSageMakerModelRegistryFullAccess ├── AmazonSageMakerNotebooksServiceRolePolicy ├── AmazonSageMakerPartnerAppsFullAccess ├── AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy ├── AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy ├── AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy ├── AmazonSageMakerPipelinesIntegrations ├── AmazonSageMakerReadOnly ├── AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy ├── AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy ├── AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy ├── AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy ├── AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy ├── AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy ├── AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy ├── AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy ├── AmazonSageMakerTrainingPlanCreateAccess ├── AmazonSecurityLakeAdministrator ├── AmazonSecurityLakeMetastoreManager ├── AmazonSecurityLakePermissionsBoundary ├── AmazonSumerianFullAccess ├── AmazonTextractFullAccess ├── AmazonTextractServiceRole ├── AmazonTimestreamConsoleFullAccess ├── AmazonTimestreamFullAccess ├── AmazonTimestreamInfluxDBFullAccess ├── AmazonTimestreamInfluxDBFullAccessWithoutMarketplaceAccess ├── AmazonTimestreamInfluxDBServiceRolePolicy ├── AmazonTimestreamReadOnlyAccess ├── AmazonTranscribeFullAccess ├── AmazonTranscribeReadOnlyAccess ├── AmazonVPCCrossAccountNetworkInterfaceOperations ├── AmazonVPCFullAccess ├── AmazonVPCNetworkAccessAnalyzerFullAccessPolicy ├── AmazonVPCReachabilityAnalyzerFullAccessPolicy ├── AmazonVPCReachabilityAnalyzerPathComponentReadPolicy ├── AmazonVPCReadOnlyAccess ├── AmazonVerifiedPermissionsFullAccess ├── AmazonVerifiedPermissionsReadOnlyAccess ├── AmazonWorkDocsFullAccess ├── AmazonWorkDocsReadOnlyAccess ├── AmazonWorkLinkFullAccess ├── AmazonWorkLinkReadOnly ├── AmazonWorkLinkServiceRolePolicy ├── AmazonWorkMailEventsServiceRolePolicy ├── AmazonWorkMailFullAccess ├── AmazonWorkMailMessageFlowFullAccess ├── AmazonWorkMailMessageFlowReadOnlyAccess ├── AmazonWorkMailReadOnlyAccess ├── AmazonWorkSpacesAdmin ├── AmazonWorkSpacesApplicationManagerAdminAccess ├── AmazonWorkSpacesPoolServiceAccess ├── AmazonWorkSpacesSecureBrowserReadOnly ├── AmazonWorkSpacesSelfServiceAccess ├── AmazonWorkSpacesServiceAccess ├── AmazonWorkSpacesThinClientFullAccess ├── AmazonWorkSpacesThinClientReadOnlyAccess ├── AmazonWorkSpacesWebReadOnly ├── AmazonWorkSpacesWebServiceRolePolicy ├── AmazonWorkspacesPCAAccess ├── AmazonZocaloFullAccess ├── AmazonZocaloReadOnlyAccess ├── AmplifyBackendDeployFullAccess ├── AppIntegrationsServiceLinkedRolePolicy ├── AppRunnerNetworkingServiceRolePolicy ├── AppRunnerServiceRolePolicy ├── AppStudioServiceRolePolicy ├── ApplicationAutoScalingForAmazonAppStreamAccess ├── ApplicationDiscoveryServiceContinuousExportServiceRolePolicy ├── AuroraDsqlServiceLinkedRolePolicy ├── AutoScalingConsoleFullAccess ├── AutoScalingConsoleReadOnlyAccess ├── AutoScalingFullAccess ├── AutoScalingNotificationAccessRole ├── AutoScalingReadOnlyAccess ├── AutoScalingServiceRolePolicy ├── AwsGlueDataBrewFullAccessPolicy ├── AwsGlueSessionUserRestrictedNotebookPolicy ├── AwsGlueSessionUserRestrictedNotebookServiceRole ├── AwsGlueSessionUserRestrictedPolicy ├── AwsGlueSessionUserRestrictedServiceRole ├── BatchServiceRolePolicy ├── Billing ├── CertificateManagerServiceRolePolicy ├── CheesepuffsServiceRolePolicy ├── ClientVPNServiceConnectionsRolePolicy ├── ClientVPNServiceRolePolicy ├── CloudFormationStackSetsOrgAdminServiceRolePolicy ├── CloudFormationStackSetsOrgMemberServiceRolePolicy ├── CloudFrontFullAccess ├── CloudFrontReadOnlyAccess ├── CloudHSMServiceRolePolicy ├── CloudSearchFullAccess ├── CloudSearchReadOnlyAccess ├── CloudTrailEventContext ├── CloudTrailServiceRolePolicy ├── CloudWatch-CrossAccountAccess ├── CloudWatchActionsEC2Access ├── CloudWatchAgentAdminPolicy ├── CloudWatchAgentServerPolicy ├── CloudWatchApplicationInsightsFullAccess ├── CloudWatchApplicationInsightsReadOnlyAccess ├── CloudWatchApplicationSignalsFullAccess ├── CloudWatchApplicationSignalsReadOnlyAccess ├── CloudWatchApplicationSignalsServiceRolePolicy ├── CloudWatchAutomaticDashboardsAccess ├── CloudWatchCrossAccountSharingConfiguration ├── CloudWatchEventsBuiltInTargetExecutionAccess ├── CloudWatchEventsFullAccess ├── CloudWatchEventsInvocationAccess ├── CloudWatchEventsReadOnlyAccess ├── CloudWatchEventsServiceRolePolicy ├── CloudWatchFullAccess ├── CloudWatchFullAccessV2 ├── CloudWatchInternetMonitorFullAccess ├── CloudWatchInternetMonitorReadOnlyAccess ├── CloudWatchInternetMonitorServiceRolePolicy ├── CloudWatchLambdaApplicationSignalsExecutionRolePolicy ├── CloudWatchLambdaInsightsExecutionRolePolicy ├── CloudWatchLogsCrossAccountSharingConfiguration ├── CloudWatchLogsFullAccess ├── CloudWatchLogsReadOnlyAccess ├── CloudWatchNetworkFlowMonitorAgentPublishPolicy ├── CloudWatchNetworkFlowMonitorServiceRolePolicy ├── CloudWatchNetworkFlowMonitorTopologyServiceRolePolicy ├── CloudWatchNetworkMonitorServiceRolePolicy ├── CloudWatchOpenSearchDashboardAccess ├── CloudWatchOpenSearchDashboardsFullAccess ├── CloudWatchReadOnlyAccess ├── CloudWatchSyntheticsFullAccess ├── CloudWatchSyntheticsReadOnlyAccess ├── CloudwatchApplicationInsightsServiceLinkedRolePolicy ├── ComprehendDataAccessRolePolicy ├── ComprehendFullAccess ├── ComprehendMedicalFullAccess ├── ComprehendReadOnly ├── ComputeOptimizerReadOnlyAccess ├── ComputeOptimizerServiceRolePolicy ├── ConfigConformsServiceRolePolicy ├── CostOptimizationHubAdminAccess ├── CostOptimizationHubReadOnlyAccess ├── CostOptimizationHubServiceRolePolicy ├── CustomerProfilesServiceLinkedRolePolicy ├── DAXServiceRolePolicy ├── DataScientist ├── DatabaseAdministrator ├── DeclarativePoliciesEC2Report ├── DynamoDBCloudWatchContributorInsightsServiceRolePolicy ├── DynamoDBKinesisReplicationServiceRolePolicy ├── DynamoDBReplicationServiceRolePolicy ├── EC2FastLaunchFullAccess ├── EC2FastLaunchServiceRolePolicy ├── EC2FleetTimeShiftableServiceRolePolicy ├── EC2ImageBuilderLifecycleExecutionPolicy ├── EC2InstanceConnect ├── EC2InstanceProfileForImageBuilder ├── EC2InstanceProfileForImageBuilderECRContainerBuilds ├── ECRReplicationServiceRolePolicy ├── ECRTemplateServiceRolePolicy ├── EMRDescribeClusterPolicyForEMRWAL ├── Ec2ImageBuilderCrossAccountDistributionAccess ├── Ec2InstanceConnectEndpoint ├── ElastiCacheServiceRolePolicy ├── ElasticLoadBalancingFullAccess ├── ElasticLoadBalancingReadOnly ├── ElementalActivationsDownloadSoftwareAccess ├── ElementalActivationsFullAccess ├── ElementalActivationsGenerateLicenses ├── ElementalActivationsReadOnlyAccess ├── ElementalAppliancesSoftwareFullAccess ├── ElementalAppliancesSoftwareReadOnlyAccess ├── ElementalSupportCenterFullAccess ├── FMSServiceRolePolicy ├── FSxDeleteServiceLinkedRoleAccess ├── GameLiftContainerFleetPolicy ├── GameLiftGameServerGroupPolicy ├── GitLabDuoWithAmazonQPermissionsPolicy ├── GlobalAcceleratorFullAccess ├── GlobalAcceleratorReadOnlyAccess ├── GreengrassOTAUpdateArtifactAccess ├── GroundTruthSyntheticConsoleFullAccess ├── GroundTruthSyntheticConsoleReadOnlyAccess ├── Health_OrganizationsServiceRolePolicy ├── IAMAccessAdvisorReadOnly ├── IAMAccessAnalyzerFullAccess ├── IAMAccessAnalyzerReadOnlyAccess ├── IAMAuditRootUserCredentials ├── IAMCreateRootUserPassword ├── IAMDeleteRootUserCredentials ├── IAMFullAccess ├── IAMReadOnlyAccess ├── IAMSelfManageServiceSpecificCredentials ├── IAMUserChangePassword ├── IAMUserSSHKeys ├── IVSFullAccess ├── IVSReadOnlyAccess ├── IVSRecordToS3 ├── KafkaConnectServiceRolePolicy ├── KafkaServiceRolePolicy ├── KeyspacesReplicationServiceRolePolicy ├── LakeFormationDataAccessServiceRolePolicy ├── LexBotPolicy ├── LexChannelPolicy ├── LightsailExportAccess ├── MediaConnectGatewayInstanceRolePolicy ├── MediaPackageServiceRolePolicy ├── MemoryDBServiceRolePolicy ├── MigrationHubDMSAccessServiceRolePolicy ├── MigrationHubSMSAccessServiceRolePolicy ├── MigrationHubServiceRolePolicy ├── MonitronServiceRolePolicy ├── NeptuneConsoleFullAccess ├── NeptuneFullAccess ├── NeptuneGraphReadOnlyAccess ├── NeptuneReadOnlyAccess ├── NetworkAdministrator ├── OAMFullAccess ├── OAMReadOnlyAccess ├── OpensearchIngestionSelfManagedVpcePolicy ├── PartnerCentralAccountManagementUserRoleAssociation ├── PowerUserAccess ├── QAppsServiceRolePolicy ├── QBusinessQuicksightPluginPolicy ├── QBusinessServiceRolePolicy ├── QuickSightAccessForS3StorageManagementAnalyticsReadOnly ├── RDSCloudHsmAuthorizationRole ├── ROSAAmazonEBSCSIDriverOperatorPolicy ├── ROSACloudNetworkConfigOperatorPolicy ├── ROSAControlPlaneOperatorPolicy ├── ROSAImageRegistryOperatorPolicy ├── ROSAIngressOperatorPolicy ├── ROSAInstallerPolicy ├── ROSAKMSProviderPolicy ├── ROSAKubeControllerPolicy ├── ROSAManageSubscription ├── ROSANodePoolManagementPolicy ├── ROSASRESupportPolicy ├── ROSAWorkerInstancePolicy ├── ReadOnlyAccess ├── ResourceGroupsServiceRolePolicy ├── ResourceGroupsTaggingAPITagUntagSupportedResources ├── ResourceGroupsandTagEditorFullAccess ├── ResourceGroupsandTagEditorReadOnlyAccess ├── Route53RecoveryReadinessServiceRolePolicy ├── Route53ResolverServiceRolePolicy ├── S3StorageLensServiceRolePolicy ├── S3UnlockBucketPolicy ├── SMSVoiceServiceRolePolicy ├── SQSUnlockQueuePolicy ├── SSMQuickSetupRolePolicy ├── SageMakerStudioBedrockAgentServiceRolePolicy ├── SageMakerStudioBedrockChatAgentUserRolePolicy ├── SageMakerStudioBedrockEvaluationJobServiceRolePolicy ├── SageMakerStudioBedrockFlowServiceRolePolicy ├── SageMakerStudioBedrockFunctionExecutionRolePolicy ├── SageMakerStudioBedrockKnowledgeBaseCustomResourcePolicy ├── SageMakerStudioBedrockKnowledgeBaseServiceRolePolicy ├── SageMakerStudioBedrockPromptUserRolePolicy ├── SageMakerStudioDomainExecutionRolePolicy ├── SageMakerStudioDomainServiceRolePolicy ├── SageMakerStudioEMRInstanceRolePolicy ├── SageMakerStudioEMRServiceRolePolicy ├── SageMakerStudioFullAccess ├── SageMakerStudioProjectProvisioningRolePolicy ├── SageMakerStudioProjectRoleMachineLearningPolicy ├── SageMakerStudioProjectUserRolePermissionsBoundary ├── SageMakerStudioProjectUserRolePolicy ├── SageMakerStudioQueryExecutionRolePolicy ├── SecretsManagerReadWrite ├── SecurityAudit ├── SecurityLakeResourceManagementServiceRolePolicy ├── SecurityLakeServiceLinkedRole ├── ServerMigrationConnector ├── ServerMigrationServiceConsoleFullAccess ├── ServerMigrationServiceLaunchRole ├── ServerMigrationServiceRole ├── ServerMigrationServiceRoleForInstanceValidation ├── ServerMigration_ServiceRole ├── ServiceCatalogAdminReadOnlyAccess ├── ServiceCatalogEndUserAccess ├── ServiceQuotasFullAccess ├── ServiceQuotasReadOnlyAccess ├── ServiceQuotasServiceRolePolicy ├── SimpleWorkflowFullAccess ├── SplitCostAllocationDataServiceRolePolicy ├── SupportUser ├── SystemAdministrator ├── TagGovernancePolicy ├── TagPoliciesServiceRolePolicy ├── TranslateFullAccess ├── TranslateReadOnly ├── VMImportExportRoleForAWSConnector ├── VPCLatticeFullAccess ├── VPCLatticeReadOnlyAccess ├── VPCLatticeServicesInvokeAccess ├── ViewOnlyAccess ├── WAFLoggingServiceRolePolicy ├── WAFRegionalLoggingServiceRolePolicy ├── WAFV2LoggingServiceRolePolicy ├── WellArchitectedConsoleFullAccess ├── WellArchitectedConsoleReadOnlyAccess └── WorkLinkServiceRolePolicy /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | # These are supported funding model platforms 2 | 3 | github: z0ph 4 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | list-policies.json 2 | 3 | .vscode 4 | build/ 5 | # General 6 | .DS_Store 7 | .AppleDouble 8 | .LSOverride 9 | test.py 10 | 11 | # Icon must end with two \r 12 | Icon 13 | 14 | # Terraform 15 | *.tfplan 16 | *.tfstate* 17 | **.terraform/ 18 | 19 | .vscode 20 | .terraform 21 | test-vgr/ 22 | 23 | # Thumbnails 24 | ._* 25 | 26 | # Files that might appear in the root of a volume 27 | .DocumentRevisions-V100 28 | .fseventsd 29 | .Spotlight-V100 30 | .TemporaryItems 31 | .Trashes 32 | .VolumeIcon.icns 33 | .com.apple.timemachine.donotpresent 34 | 35 | # Directories potentially created on remote AFP share 36 | .AppleDB 37 | .AppleDesktop 38 | Network Trash Folder 39 | Temporary Items 40 | .apdisk 41 | .idea/ 42 | -------------------------------------------------------------------------------- /assets/mamip_twitter.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zoph-io/MAMIP/4f9dcc8df0d6eee90b7796650ab6c8edaf42b55d/assets/mamip_twitter.png -------------------------------------------------------------------------------- /assets/watching.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zoph-io/MAMIP/4f9dcc8df0d6eee90b7796650ab6c8edaf42b55d/assets/watching.gif -------------------------------------------------------------------------------- /automation/requirements.txt: -------------------------------------------------------------------------------- 1 | boto3>=1.34.0 2 | botocore>=1.34.0 -------------------------------------------------------------------------------- /automation/script-fargate.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | aws s3 cp s3://mamip-artifacts/$Environment/runbook.sh /tmp/ --region eu-west-1 4 | bash /tmp/runbook.sh 5 | -------------------------------------------------------------------------------- /automation/tf-fargate/ecr.tf: -------------------------------------------------------------------------------- 1 | resource "aws_ecr_repository" "ecr" { 2 | name = "${var.project}-ecr-${var.env}" 3 | 4 | tags = var.tags 5 | } 6 | -------------------------------------------------------------------------------- /automation/tf-fargate/main.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = var.aws_region 3 | 4 | default_tags { 5 | tags = { 6 | aws_region = "eu-west-1" 7 | Project = "mamip" 8 | Terraform = "true" 9 | } 10 | } 11 | } 12 | 13 | terraform { 14 | required_providers { 15 | aws = { 16 | source = "hashicorp/aws" 17 | version = "4.64.0" 18 | } 19 | } 20 | 21 | backend "s3" { 22 | region = "eu-west-1" 23 | } 24 | } -------------------------------------------------------------------------------- /automation/tf-fargate/output.tf: -------------------------------------------------------------------------------- 1 | output "ecr-repository-url" { 2 | value = aws_ecr_repository.ecr.repository_url 3 | } 4 | -------------------------------------------------------------------------------- /automation/tf-fargate/tasks/container_definition.json.tpl: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "logConfiguration": { 4 | "logDriver": "awslogs", 5 | "options": { 6 | "awslogs-group": "/ecs/${project}-${env}", 7 | "awslogs-region": "${aws_region}", 8 | "awslogs-stream-prefix": "ecs" 9 | } 10 | }, 11 | "image": "${container_image}", 12 | "name": "${project}-${env}-container", 13 | "runtimePlatform": { 14 | "operatingSystemFamily": "LINUX", 15 | "cpuArchitecture": "ARM64" 16 | }, 17 | "environment": [ 18 | { 19 | "name": "Environment", 20 | "value": "${env}" 21 | } 22 | ], 23 | "mountPoints": [], 24 | "volumesFrom": [], 25 | "essential": true 26 | } 27 | ] 28 | -------------------------------------------------------------------------------- /automation/validate.py: -------------------------------------------------------------------------------- 1 | import boto3 2 | import json 3 | 4 | client = boto3.client("accessanalyzer") 5 | 6 | policy = """ 7 | { 8 | "Version": "2012-10-17", 9 | "Statement": [ 10 | { 11 | "Effect": "Allow", 12 | "Action": "*", 13 | "Resource": "*" 14 | } 15 | ] 16 | } 17 | """ 18 | 19 | r = client.validate_policy( 20 | policyDocument=policy, 21 | # policyType='IDENTITY_POLICY'|'RESOURCE_POLICY'|'SERVICE_CONTROL_POLICY' 22 | policyType="IDENTITY_POLICY", 23 | ) 24 | 25 | print(json.dumps(r["findings"], indent=4, sort_keys=True)) 26 | -------------------------------------------------------------------------------- /policies/AWSAccountManagementFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-09-30T23:20:37Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "account:*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AWSAccountManagementReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-09-30T23:29:53Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "account:Get*", 11 | "account:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSAccountUsageReportAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:41:19Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "aws-portal:ViewUsage" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSAppMeshEnvoyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-07-03T21:29:37Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "appmesh:StreamAggregatedResources" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSAppMeshPreviewEnvoyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-08-05T23:32:39Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "appmesh-preview:StreamAggregatedResources" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSAppRunnerReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-02-24T21:24:15Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "apprunner:List*", 11 | "apprunner:Describe*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSAppSyncInvokeFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-03-20T21:21:20Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "appsync:GraphQL", 11 | "appsync:GetGraphqlApi", 12 | "appsync:ListGraphqlApis", 13 | "appsync:ListApiKeys" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSAppSyncPushToCloudWatchLogs: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-04-09T19:38:55Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "logs:CreateLogGroup", 11 | "logs:CreateLogStream", 12 | "logs:PutLogEvents" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSApplicationMigrationConversionServerPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-04-07T06:48:58Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "mgn:SendClientMetricsForMgn", 11 | "mgn:SendClientLogsForMgn", 12 | "mgn:GetChannelCommandsForMgn", 13 | "mgn:SendChannelCommandResultForMgn" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSArtifactAccountSync: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-04-10T23:04:33Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "organizations:ListAccounts", 11 | "organizations:DescribeOrganization" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSArtifactReportsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2025-03-24T18:37:06Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "artifact:GetReport", 11 | "artifact:GetReportMetadata", 12 | "artifact:GetTermForReport", 13 | "artifact:ListReports" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow", 17 | "Sid": "ArtifactReportActions" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSArtifactServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-08-21T20:27:31Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "organizations:ListAccounts", 11 | "organizations:DescribeOrganization", 12 | "organizations:DescribeAccount", 13 | "organizations:ListAWSServiceAccessForOrganization" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSBCMDataExportsServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-06-10T17:40:19Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "cost-optimization-hub:ListEnrollmentStatuses", 11 | "cost-optimization-hub:ListRecommendations" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow", 15 | "Sid": "CostOptimizationRecommendationAccess" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSBatchServiceEventTargetRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-02-28T22:31:13Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "batch:SubmitJob" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSBillingConductorFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-04-13T18:02:29Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "billingconductor:*", 11 | "organizations:ListAccounts", 12 | "pricing:DescribeServices" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSBillingConductorReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-04-13T18:02:59Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "billingconductor:List*", 11 | "organizations:ListAccounts", 12 | "pricing:DescribeServices" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSBudgetsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-06-17T17:41:25Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "aws-portal:ViewBilling", 11 | "budgets:ViewBudget", 12 | "budgets:Describe*", 13 | "budgets:ListTagsForResource" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow", 17 | "Sid": "AWSBudgetsReadOnlyAccess" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSCertificateManagerPrivateCAFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-10-23T16:54:50Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "acm-pca:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSCertificateManagerReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-03-15T16:25:21Z", 4 | "VersionId": "v4", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": [ 9 | "acm:DescribeCertificate", 10 | "acm:ListCertificates", 11 | "acm:GetCertificate", 12 | "acm:ListTagsForCertificate", 13 | "acm:GetAccountConfiguration" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSCloudFormationFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-07-26T21:50:35Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "cloudformation:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSCloudFrontLogger: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-11-22T19:33:51Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "logs:CreateLogGroup", 11 | "logs:CreateLogStream", 12 | "logs:PutLogEvents" 13 | ], 14 | "Resource": "arn:aws:logs:*:*:log-group:/aws/cloudfront/*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSCloudHSMFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:39:51Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "cloudhsm:*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AWSCloudHSMReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:39:52Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "cloudhsm:Get*", 11 | "cloudhsm:List*", 12 | "cloudhsm:Describe*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSCloudMapDiscoverInstanceAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-09-20T21:48:09Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "servicediscovery:DiscoverInstances", 11 | "servicediscovery:DiscoverInstancesRevision" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ], 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSCloudShellFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-15T18:07:44Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "cloudshell:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSCloudTrail_ReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-06-14T17:19:05Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "cloudtrail:Get*", 11 | "cloudtrail:Describe*", 12 | "cloudtrail:List*", 13 | "cloudtrail:LookupEvents" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-04-27T13:30:52Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "ssm-incidents:StartIncident", 10 | "Resource": "*", 11 | "Effect": "Allow", 12 | "Sid": "StartIncidentPermissions" 13 | } 14 | ] 15 | }, 16 | "IsDefaultVersion": true 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /policies/AWSCodeDeployRoleForCloudFormation: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-05-19T17:12:52Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "lambda:InvokeFunction" 11 | ], 12 | "Resource": "arn:aws:lambda:*:*:function:CodeDeployHook_*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSCodePipelineFullAccess: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zoph-io/MAMIP/4f9dcc8df0d6eee90b7796650ab6c8edaf42b55d/policies/AWSCodePipelineFullAccess -------------------------------------------------------------------------------- /policies/AWSConfigRoleForOrganizations: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-11-24T20:19:13Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "organizations:ListAccounts", 11 | "organizations:DescribeOrganization", 12 | "organizations:ListAWSServiceAccessForOrganization", 13 | "organizations:ListDelegatedAdministrators" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSDMSFleetAdvisorServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-03-06T09:10:42Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": "cloudwatch:PutMetricData", 9 | "Resource": "*", 10 | "Effect": "Allow", 11 | "Condition": { 12 | "StringEquals": { 13 | "cloudwatch:namespace": "AWS/DMS/FleetAdvisor" 14 | } 15 | } 16 | } 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSDenyAll: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-12-18T16:42:05Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Deny", 14 | "Sid": "DenyAll" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSDeviceFarmFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-07-13T16:37:38Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "devicefarm:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSDirectConnectFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-04-30T15:29:29Z", 4 | "VersionId": "v3", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "directconnect:*", 11 | "ec2:DescribeVpnGateways", 12 | "ec2:DescribeTransitGateways" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSDirectConnectReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-05-18T18:48:22Z", 4 | "VersionId": "v4", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "directconnect:Describe*", 11 | "directconnect:List*", 12 | "ec2:DescribeVpnGateways", 13 | "ec2:DescribeTransitGateways" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSECRPullThroughCacheServiceRolePolicy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zoph-io/MAMIP/4f9dcc8df0d6eee90b7796650ab6c8edaf42b55d/policies/AWSECRPullThroughCacheServiceRolePolicy -------------------------------------------------------------------------------- /policies/AWSElasticBeanstalkRoleCWL: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-06-05T21:49:06Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "logs:CreateLogGroup", 11 | "logs:DeleteLogGroup", 12 | "logs:PutRetentionPolicy" 13 | ], 14 | "Resource": "arn:aws:logs:*:*:log-group:/aws/elasticbeanstalk/*", 15 | "Effect": "Allow", 16 | "Sid": "AllowCWL" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaConnectFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2025-02-12T20:07:07Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "mediaconnect:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaConvertReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-06-10T22:52:18Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "mediaconvert:Get*", 11 | "mediaconvert:List*", 12 | "mediaconvert:DescribeEndpoints", 13 | "s3:ListAllMyBuckets", 14 | "s3:ListBucket" 15 | ], 16 | "Resource": "*", 17 | "Effect": "Allow" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaLiveFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-07-08T17:07:14Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": "medialive:*", 9 | "Resource": "*", 10 | "Effect": "Allow" 11 | } 12 | }, 13 | "IsDefaultVersion": true 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaLiveReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-07-22T17:08:46Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "medialive:Get*", 11 | "medialive:List*", 12 | "medialive:Describe*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow", 16 | "Sid": "AWSElementalMediaLiveReadOnly" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaPackageFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-12-29T23:39:52Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": "mediapackage:*", 9 | "Resource": "*", 10 | "Effect": "Allow" 11 | } 12 | }, 13 | "IsDefaultVersion": true 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaPackageReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-12-30T00:04:29Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": [ 9 | "mediapackage:List*", 10 | "mediapackage:Describe*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | }, 16 | "IsDefaultVersion": true 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaPackageV2FullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-07-25T20:29:37Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": "mediapackagev2:*", 9 | "Resource": "*", 10 | "Effect": "Allow" 11 | } 12 | }, 13 | "IsDefaultVersion": true 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaPackageV2ReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-07-25T20:31:25Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": [ 9 | "mediapackagev2:List*", 10 | "mediapackagev2:Get*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | }, 16 | "IsDefaultVersion": true 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaStoreFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-03-05T23:15:31Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "mediastore:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Condition": { 15 | "Bool": { 16 | "aws:SecureTransport": "true" 17 | } 18 | } 19 | } 20 | ] 21 | }, 22 | "IsDefaultVersion": true 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaTailorFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-11-23T00:04:39Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": "mediatailor:*", 9 | "Resource": "*", 10 | "Effect": "Allow" 11 | } 12 | }, 13 | "IsDefaultVersion": true 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /policies/AWSElementalMediaTailorReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-11-23T00:05:01Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": [ 9 | "mediatailor:List*", 10 | "mediatailor:Describe*", 11 | "mediatailor:Get*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSEnhancedClassicNetworkingMangementPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-09-20T17:29:09Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ec2:DescribeInstances", 11 | "ec2:DescribeSecurityGroups" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSEntityResolutionConsoleReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-08-17T18:18:36Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "entityresolution:Get*", 11 | "entityresolution:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow", 15 | "Sid": "EntityResolutionRead" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSGrafanaConsoleReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-02-15T22:30:54Z", 4 | "VersionId": "v3", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "grafana:Describe*", 11 | "grafana:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow", 15 | "Sid": "AWSGrafanaConsoleReadOnlyAccess" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSGreengrassFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-05-03T00:47:37Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "greengrass:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSGreengrassReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-10-30T16:01:43Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "greengrass:List*", 11 | "greengrass:Get*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSGroundStationAgentInstancePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-03-29T15:23:12Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "groundstation:RegisterAgent", 11 | "groundstation:UpdateAgentStatus", 12 | "groundstation:GetAgentConfiguration" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIQContractServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-08-22T19:28:39Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "aws-marketplace:Subscribe" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIdentitySyncReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-03-23T23:29:52Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "identity-sync:GetSyncProfile", 11 | "identity-sync:ListSyncFilters", 12 | "identity-sync:GetSyncTarget" 13 | ], 14 | "Resource": "arn:*:identity-sync:*:*:*/*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSImportExportFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:43Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "importexport:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSImportExportReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:42Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "importexport:ListJobs", 11 | "importexport:GetStatus" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSIoT1ClickFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-05-11T22:10:14Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iot1click:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoT1ClickReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-05-11T21:49:24Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iot1click:Describe*", 11 | "iot1click:Get*", 12 | "iot1click:List*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIoTAnalyticsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-06-18T23:02:45Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iotanalytics:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoTAnalyticsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-06-18T21:37:49Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iotanalytics:Describe*", 11 | "iotanalytics:List*", 12 | "iotanalytics:Get*", 13 | "iotanalytics:SampleChannelData" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-08-07T17:55:37Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iot:ListPrincipalThings", 11 | "iot:AddThingToThingGroup" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ], 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-08-07T17:04:37Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sns:Publish" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-08-07T17:04:57Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iot:CreatePolicyVersion" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIoTDeviceDefenderUpdateCACertMitigationAction: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-08-07T17:05:49Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iot:UpdateCACertificate" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-08-07T17:06:00Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iot:UpdateCertificate" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSIoTEventsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-01-10T22:51:57Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iotevents:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoTEventsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-09-23T17:22:04Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iotevents:Describe*", 11 | "iotevents:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSIoTFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-05-19T21:39:11Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iot:*", 11 | "iotjobsdata:*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSIoTOTAUpdate: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-12-20T20:36:53Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": [ 9 | "iot:CreateJob", 10 | "signer:DescribeSigningJob" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | }, 16 | "IsDefaultVersion": true 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /policies/AWSIoTSiteWiseFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-12-04T20:53:39Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iotsitewise:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoTSiteWiseReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-09-16T19:05:20Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iotsitewise:Describe*", 11 | "iotsitewise:List*", 12 | "iotsitewise:Get*", 13 | "iotsitewise:BatchGet*" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSIoTWirelessDataAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-15T15:31:39Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iotwireless:SendDataToWirelessDevice" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoTWirelessFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-15T15:27:57Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iotwireless:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSIoTWirelessFullPublishAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-15T15:29:59Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iot:DescribeEndpoint", 11 | "iot:Publish" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSIoTWirelessGatewayCertManager: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-15T15:30:48Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iot:CreateKeysAndCertificate", 11 | "iot:DescribeCertificate", 12 | "iot:ListCertificates" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow", 16 | "Sid": "IoTWirelessGatewayCertManager" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSIoTWirelessReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-15T15:28:56Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iotwireless:List*", 11 | "iotwireless:Get*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSIotRoboRunnerServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": { 6 | "Effect": "Allow", 7 | "Action": [ 8 | "cloudwatch:PutMetricData" 9 | ], 10 | "Resource": "*", 11 | "Condition": { 12 | "StringEquals": { 13 | "cloudwatch:namespace": [ 14 | "AWS/Usage" 15 | ] 16 | } 17 | } 18 | } 19 | }, 20 | "VersionId": "v1", 21 | "IsDefaultVersion": true, 22 | "CreateDate": "2023-02-21T16:56:31Z" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-11-13T22:53:54Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "kms:SynchronizeMultiRegionKey" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Sid": "KMSSynchronizeMultiRegionKey" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSLambdaBasicExecutionRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-04-09T15:03:43Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "logs:CreateLogGroup", 11 | "logs:CreateLogStream", 12 | "logs:PutLogEvents" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSLambdaRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:41:28Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "lambda:InvokeFunction" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSLicenseManagerConsumptionPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-08-11T23:18:08Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": [ 9 | "license-manager:CheckoutLicense", 10 | "license-manager:CheckInLicense", 11 | "license-manager:ExtendLicenseConsumption", 12 | "license-manager:GetLicense" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSMarketplaceGetEntitlements: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-04-05T01:27:20Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "aws-marketplace:GetEntitlements" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Sid": "AWSMarketplaceGetEntitlements" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSMarketplaceMeteringFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2016-03-17T22:39:22Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "aws-marketplace:MeterUsage" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSMarketplaceMeteringRegisterUsage: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-11-21T01:17:54Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "aws-marketplace:RegisterUsage" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSMarketplacePurchaseOrdersServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-10-27T15:12:37Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "purchase-orders:ViewPurchaseOrders", 11 | "purchase-orders:ModifyPurchaseOrders" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ], 16 | "Effect": "Allow", 17 | "Sid": "AllowPurchaseOrderActions" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSNetworkManagerReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-12-03T17:35:05Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "networkmanager:Describe*", 11 | "networkmanager:Get*", 12 | "networkmanager:List*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSOpsWorksCloudWatchLogs: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-03-30T17:47:19Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "logs:CreateLogGroup", 11 | "logs:CreateLogStream", 12 | "logs:PutLogEvents", 13 | "logs:DescribeLogStreams" 14 | ], 15 | "Resource": [ 16 | "arn:aws:logs:*:*:*" 17 | ], 18 | "Effect": "Allow" 19 | } 20 | ] 21 | }, 22 | "IsDefaultVersion": true 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSOpsWorksInstanceRegistration: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2016-06-03T14:23:15Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "opsworks:DescribeStackProvisioningParameters", 11 | "opsworks:DescribeStacks", 12 | "opsworks:RegisterInstance" 13 | ], 14 | "Resource": [ 15 | "*" 16 | ], 17 | "Effect": "Allow" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSOutpostsAuthorizeServerPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-01-04T19:23:22Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "outposts:StartConnection", 11 | "outposts:GetConnection" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSPanoramaSageMakerRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-01T13:13:54Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "s3:GetObject", 11 | "s3:PutObject", 12 | "s3:GetBucket*" 13 | ], 14 | "Resource": [ 15 | "arn:aws:s3:::*aws-panorama*" 16 | ], 17 | "Effect": "Allow", 18 | "Sid": "PanoramaSageMakerS3Access" 19 | } 20 | ] 21 | }, 22 | "IsDefaultVersion": true 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSPriceListServiceFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-07-02T13:34:19Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "pricing:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Sid": "AWSPriceListServiceFullAccess" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSPrivateCAConnectorForKubernetesPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2025-05-19T19:22:05Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "acm-pca:DescribeCertificateAuthority", 11 | "acm-pca:GetCertificate", 12 | "acm-pca:IssueCertificate" 13 | ], 14 | "Resource": "arn:aws:acm-pca:*:*:certificate-authority/*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSPrivateCAFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-02-14T18:20:59Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "acm-pca:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSPrivateMarketplaceRequests: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-10-28T21:44:03Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "aws-marketplace:CreatePrivateMarketplaceRequests", 11 | "aws-marketplace:ListPrivateMarketplaceRequests", 12 | "aws-marketplace:DescribePrivateMarketplaceRequests" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSPrivateNetworksServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-12-16T23:17:46Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "cloudwatch:PutMetricData" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Condition": { 15 | "StringEquals": { 16 | "cloudwatch:namespace": "AWS/Private5G" 17 | } 18 | } 19 | } 20 | ] 21 | }, 22 | "IsDefaultVersion": true 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AWSQuickSightDescribeRDS: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-11-10T23:24:50Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "rds:Describe*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSQuickSightDescribeRedshift: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-11-10T23:25:01Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "redshift:Describe*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSQuickSightIoTAnalyticsAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-11-29T17:00:54Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iotanalytics:ListDatasets", 11 | "iotanalytics:DescribeDataset", 12 | "iotanalytics:GetDatasetContent" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSQuickSightListIAM: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-11-10T23:25:07Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "iam:List*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSResourceAccessManagerFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-06-04T17:28:22Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ram:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSResourceAccessManagerReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-12-09T20:58:37Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ram:Get*", 11 | "ram:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSRoboMakerReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-08-28T23:10:18Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "robomaker:List*", 11 | "robomaker:BatchDescribe*", 12 | "robomaker:Describe*", 13 | "robomaker:Get*" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow", 17 | "Sid": "VisualEditor0" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSSSODirectoryAdministrator: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-10-20T20:34:07Z", 4 | "VersionId": "v4", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sso-directory:*", 11 | "identitystore:*", 12 | "identitystore-auth:*", 13 | "sso:ListDirectoryAssociations" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow", 17 | "Sid": "AWSSSODirectoryAdministrator" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSSavingsPlansFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-11-06T22:45:18Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "savingsplans:*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AWSSavingsPlansReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-11-06T22:45:10Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "savingsplans:Describe*", 11 | "savingsplans:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSSecurityHubReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-02-22T23:45:59Z", 4 | "VersionId": "v4", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "securityhub:Get*", 11 | "securityhub:List*", 12 | "securityhub:BatchGet*", 13 | "securityhub:Describe*" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow", 17 | "Sid": "AWSSecurityHubReadOnlyAccess" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-10-01T09:49:01Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ssm:CreateOpsItem" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSServiceRoleForCodeGuru-Profiler: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-06-26T22:04:26Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sns:Publish" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Sid": "AllowSNSPublishToSendNotifications" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSServiceRoleForCodeGuruProfiler: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "AllowSNSPublishToSendNotifications", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "sns:Publish" 11 | ], 12 | "Resource": "*" 13 | } 14 | ] 15 | }, 16 | "VersionId": "v1", 17 | "IsDefaultVersion": true, 18 | "CreateDate": "2020-06-24T22:01:10Z" 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSServiceRoleForGroundStationDataflowEndpointGroupPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-12-13T23:52:45Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ec2:DescribeAddresses", 11 | "ec2:DescribeNetworkInterfaces" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSStepFunctionsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-01-11T21:51:32Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "states:*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AWSStorageGatewayServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-02-17T19:03:19Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "fsx:ListTagsForResource" 11 | ], 12 | "Resource": "arn:aws:fsx:*:*:backup/*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSSupportAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:41:11Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "support:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AWSSupportAppReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-08-22T17:01:15Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "support:DescribeCases", 11 | "support:DescribeCommunications" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSSupportPlansReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-09-09T21:21:02Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "supportplans:GetSupportPlan", 11 | "supportplans:GetSupportPlanUpdateStatus", 12 | "supportplans:ListSupportPlanModifiers" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AWSSystemsManagerForSAPReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-11-17T02:11:44Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ssm-sap:get*", 11 | "ssm-sap:list*" 12 | ], 13 | "Resource": "arn:*:ssm-sap:*:*:*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AWSTransferLoggingAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-01-14T15:32:50Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "logs:CreateLogStream", 11 | "logs:DescribeLogStreams", 12 | "logs:CreateLogGroup", 13 | "logs:PutLogEvents" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AWSWickrFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-11-27T20:36:44Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "wickr:*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AWSXrayFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-04-11T17:07:36Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "xray:*" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ], 15 | "Effect": "Allow", 16 | "Sid": "AWSXrayFullAccess" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AdministratorAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:39:46Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AlexaForBusinessReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-11-20T00:25:33Z", 4 | "VersionId": "v3", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "a4b:Get*", 11 | "a4b:List*", 12 | "a4b:Search*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonAPIGatewayAdministrator: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-07-09T17:34:45Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "apigateway:*" 11 | ], 12 | "Resource": "arn:aws:apigateway:*::/*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonAPIGatewayInvokeFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-12-18T18:25:10Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "execute-api:Invoke", 11 | "execute-api:ManageConnections" 12 | ], 13 | "Resource": "arn:aws:execute-api:*:*:*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonAppStreamReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2016-12-07T21:00:06Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "appstream:Get*", 11 | "appstream:List*", 12 | "appstream:Describe*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonAugmentedAIHumanLoopFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-12-03T16:20:47Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sagemaker:*HumanLoop", 11 | "sagemaker:*HumanLoops" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonChimeReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-14T20:53:57Z", 4 | "VersionId": "v10", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "chime:List*", 11 | "chime:Get*", 12 | "chime:Describe*", 13 | "chime:SearchAvailablePhoneNumbers" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonChimeTranscriptionServiceLinkedRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-08-04T21:47:41Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "transcribe:StartStreamTranscription", 11 | "transcribe:StartMedicalStreamTranscription" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonCloudDirectoryFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-02-25T00:41:39Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "clouddirectory:*" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonCloudDirectoryReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-02-28T23:42:06Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "clouddirectory:List*", 11 | "clouddirectory:Get*", 12 | "clouddirectory:LookupPolicy", 13 | "clouddirectory:BatchRead" 14 | ], 15 | "Resource": [ 16 | "*" 17 | ], 18 | "Effect": "Allow" 19 | } 20 | ] 21 | }, 22 | "IsDefaultVersion": true 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/AmazonCodeCatalystReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-04-20T16:49:12Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "codecatalyst:Get*", 11 | "codecatalyst:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonCodeGuruProfilerAgentAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-05-05T18:11:03Z", 4 | "VersionId": "v3", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "codeguru-profiler:ConfigureAgent", 11 | "codeguru-profiler:CreateProfilingGroup", 12 | "codeguru-profiler:PostAgentProfile" 13 | ], 14 | "Resource": "arn:aws:codeguru-profiler:*:*:profilingGroup/*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonCodeGuruSecurityFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-05-09T21:03:38Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "codeguru-security:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Sid": "AmazonCodeGuruSecurityFullAccess" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonCognitoIdpServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-06-26T22:30:20Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "cognito-idp:Describe*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonCognitoUnauthenticatedIdentities: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-02-01T22:36:27Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "rum:PutRumEvents", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonConnectVoiceIDFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-09-26T19:04:10Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "voiceid:*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonDataZonePortalFullAccessPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": "datazonecontrol:*", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2023-03-26T18:24:35Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonDetectiveServiceLinkedRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-11-18T19:47:32Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "organizations:DescribeAccount", 11 | "organizations:ListAccounts" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonEC2ContainerRegistryPullOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-10-04T16:58:49Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ecr:GetAuthorizationToken", 11 | "ecr:BatchGetImage", 12 | "ecr:GetDownloadUrlForLayer", 13 | "ecr:BatchImportUpstreamImage" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonEC2ReportsAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Action": "ec2-reports:*", 8 | "Effect": "Allow", 9 | "Resource": "*" 10 | } 11 | ] 12 | }, 13 | "VersionId": "v1", 14 | "IsDefaultVersion": true, 15 | "CreateDate": "2015-02-06T18:40:16Z" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonEC2RoleforAWSCodeDeploy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-03-20T17:14:10Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "s3:GetObject", 11 | "s3:GetObjectVersion", 12 | "s3:ListBucket" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonEKSFargatePodExecutionRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-11-22T04:34:29Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ecr:GetAuthorizationToken", 11 | "ecr:BatchCheckLayerAvailability", 12 | "ecr:GetDownloadUrlForLayer", 13 | "ecr:BatchGetImage" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonEKSWorkerNodeMinimalPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-10-02T20:03:51Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "eks-auth:AssumeRoleForPodIdentity" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Sid": "WorkerNodePermissions" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonESFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-10-01T19:14:00Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "es:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonESReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-10-03T03:32:56Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "es:Describe*", 11 | "es:List*", 12 | "es:Get*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonElastiCacheReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:21Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elasticache:Describe*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonElasticContainerRegistryPublicFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-01T17:25:52Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ecr-public:*", 11 | "sts:GetServiceBearerToken" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonElasticFileSystemClientFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-01-13T16:27:00Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elasticfilesystem:ClientMount", 11 | "elasticfilesystem:ClientRootAccess", 12 | "elasticfilesystem:ClientWrite", 13 | "elasticfilesystem:DescribeMountTargets" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonElasticFileSystemClientReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-01-13T16:24:36Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elasticfilesystem:ClientMount", 11 | "elasticfilesystem:DescribeMountTargets" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonElasticFileSystemClientReadWriteAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-01-13T16:21:55Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elasticfilesystem:ClientMount", 11 | "elasticfilesystem:ClientWrite", 12 | "elasticfilesystem:DescribeMountTargets" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonElasticMapReduceforAutoScalingRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2016-11-18T01:09:10Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "cloudwatch:DescribeAlarms", 11 | "elasticmapreduce:ListInstanceGroups", 12 | "elasticmapreduce:ModifyInstanceGroups" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonEventBridgePipesOperatorAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-12-01T17:04:32Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "pipes:DescribePipe", 11 | "pipes:ListPipes", 12 | "pipes:ListTagsForResource", 13 | "pipes:StartPipe", 14 | "pipes:StopPipe" 15 | ], 16 | "Resource": "*", 17 | "Effect": "Allow" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AmazonEventBridgePipesReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-12-01T17:04:03Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "pipes:DescribePipe", 11 | "pipes:ListPipes", 12 | "pipes:ListTagsForResource" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonFSxReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-11-28T16:33:32Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "fsx:Describe*", 11 | "fsx:ListTagsForResource" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonFreeRTOSFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-11-29T15:32:51Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "freertos:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonGlacierFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:28Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "glacier:*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonHoneycodeFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-06-24T20:28:11Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "honeycode:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonHoneycodeReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-01T17:27:53Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "honeycode:List*", 11 | "honeycode:Get*", 12 | "honeycode:Describe*", 13 | "honeycode:Query*" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonHoneycodeServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-11-18T18:03:08Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sso:GetManagedApplicationInstance" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonHoneycodeTeamAssociationFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-06-24T20:28:27Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "honeycode:ListTeamAssociations", 11 | "honeycode:ApproveTeamAssociation", 12 | "honeycode:RejectTeamAssociation" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonHoneycodeTeamAssociationReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-06-24T20:27:46Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "honeycode:ListTeamAssociations" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonKendraReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-05-27T17:01:20Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "kendra:Describe*", 11 | "kendra:List*", 12 | "kendra:Query", 13 | "kendra:GetQuerySuggestions" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonKinesisFirehoseFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-10-07T18:45:26Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "firehose:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonKinesisFirehoseReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-10-07T18:43:39Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "firehose:Describe*", 11 | "firehose:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonKinesisFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:29Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "kinesis:*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonKinesisReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:30Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "kinesis:Get*", 11 | "kinesis:List*", 12 | "kinesis:Describe*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonKinesisVideoStreamsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-12-01T23:27:18Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "kinesisvideo:*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonKinesisVideoStreamsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-12-01T23:14:32Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "kinesisvideo:Describe*", 11 | "kinesisvideo:Get*", 12 | "kinesisvideo:List*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonLexChannelsAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-01-13T20:12:46Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "lex:ListBots" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonLexV2BotPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-01-13T20:10:29Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "polly:SynthesizeSpeech" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonLookoutEquipmentReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-11-10T22:04:33Z", 4 | "VersionId": "v3", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "lookoutequipment:Describe*", 11 | "lookoutequipment:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonLookoutVisionFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-05-11T19:24:54Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "lookoutvision:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Sid": "LookoutVisionFullAccess" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonMachineLearningCreateOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2016-06-29T20:55:03Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "machinelearning:Add*", 11 | "machinelearning:Create*", 12 | "machinelearning:Delete*", 13 | "machinelearning:Describe*", 14 | "machinelearning:Get*" 15 | ], 16 | "Resource": "*", 17 | "Effect": "Allow" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AmazonMachineLearningFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-04-09T17:25:41Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "machinelearning:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonMachineLearningManageRealTimeEndpointOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-04-09T17:32:41Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "machinelearning:CreateRealtimeEndpoint", 11 | "machinelearning:DeleteRealtimeEndpoint" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonMachineLearningReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-04-09T17:40:02Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "machinelearning:Describe*", 11 | "machinelearning:Get*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonMachineLearningRealTimePredictionOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-04-09T17:44:06Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "machinelearning:Predict" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonMacieHandshakeRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-06-28T15:46:10Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "iam:CreateServiceLinkedRole", 10 | "Resource": "*", 11 | "Effect": "Allow", 12 | "Condition": { 13 | "ForAnyValue:StringEquals": { 14 | "iam:AWSServiceName": "macie.amazonaws.com" 15 | } 16 | } 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonMacieReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-06-15T21:50:06Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "macie2:Describe*", 11 | "macie2:Get*", 12 | "macie2:List*", 13 | "macie2:BatchGetCustomDataIdentifiers", 14 | "macie2:SearchResources" 15 | ], 16 | "Resource": "*", 17 | "Effect": "Allow" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AmazonMacieServiceRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-08-14T14:53:26Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "s3:Get*", 11 | "s3:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonManagedBlockchainFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-04-29T21:39:29Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "managedblockchain:*" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonManagedBlockchainReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-04-30T18:17:31Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "managedblockchain:Get*", 11 | "managedblockchain:List*" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ], 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonMechanicalTurkCrowdReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Sid": "CrowdApiReadOnlyAccess", 8 | "Effect": "Allow", 9 | "Action": [ 10 | "crowd:GetTask" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ] 15 | } 16 | ] 17 | }, 18 | "VersionId": "v1", 19 | "IsDefaultVersion": true, 20 | "CreateDate": "2017-10-05T18:10:56Z" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonMechanicalTurkFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-12-11T19:08:19Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "mechanicalturk:*" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonMechanicalTurkReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-09-25T21:06:26Z", 4 | "VersionId": "v3", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "mechanicalturk:Get*", 11 | "mechanicalturk:List*" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ], 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonMemoryDBReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-10-08T19:27:28Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "memorydb:Describe*", 11 | "memorydb:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonMobileAnalyticsFinancialReportAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:35Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "mobileanalytics:GetReports", 11 | "mobileanalytics:GetFinancialReports" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonMobileAnalyticsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:34Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "mobileanalytics:*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonMobileAnalyticsNon-financialReportAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:36Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "mobileanalytics:GetReports", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonMobileAnalyticsWriteOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:37Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "mobileanalytics:PutEvents", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonOmicsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-11-29T04:17:07Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "omics:Get*", 11 | "omics:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonOneEnterpriseFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-11-28T04:58:21Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "one:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Sid": "FullAccessStatementID" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonOneEnterpriseReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-11-28T04:59:23Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "one:Get*", 11 | "one:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow", 15 | "Sid": "ReadOnlyAccessStatementID" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonOpenSearchServiceFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-09-08T05:33:47Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "es:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonOpenSearchServiceReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-09-08T05:38:13Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "es:Describe*", 11 | "es:List*", 12 | "es:Get*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonPollyFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2016-11-30T18:59:06Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "polly:*" 11 | ], 12 | "Resource": [ 13 | "*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonPrometheusQueryAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-19T01:02:58Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "aps:GetLabels", 11 | "aps:GetMetricMetadata", 12 | "aps:GetSeries", 13 | "aps:QueryMetrics" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonPrometheusRemoteWriteAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-19T01:04:32Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "aps:RemoteWrite" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonRDSDirectoryServiceAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-05-15T16:51:50Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ds:DescribeDirectories", 11 | "ds:AuthorizeApplication", 12 | "ds:UnauthorizeApplication", 13 | "ds:GetAuthorizedApplicationDetails" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonRekognitionFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2016-11-30T14:40:44Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "rekognition:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonRoute53AutoNamingReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-01-18T03:02:59Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "servicediscovery:Get*", 11 | "servicediscovery:List*" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ], 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonRoute53DomainsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:56Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "route53:CreateHostedZone", 11 | "route53domains:*" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ], 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonRoute53DomainsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:40:57Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "route53domains:Get*", 11 | "route53domains:List*" 12 | ], 13 | "Resource": [ 14 | "*" 15 | ], 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonRoute53ReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2016-11-15T21:15:16Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "route53:Get*", 11 | "route53:List*", 12 | "route53:TestDNSAnswer" 13 | ], 14 | "Resource": [ 15 | "*" 16 | ], 17 | "Effect": "Allow" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AmazonRoute53RecoveryClusterFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-08-18T18:37:00Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "route53-recovery-cluster:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonRoute53RecoveryClusterReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-04-01T17:37:55Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "route53-recovery-cluster:GetRoutingControlState", 11 | "route53-recovery-cluster:ListRoutingControls" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonRoute53RecoveryControlConfigFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-08-18T17:48:35Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "route53-recovery-control-config:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonRoute53RecoveryReadinessFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-08-18T16:45:07Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "route53-recovery-readiness:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonS3FullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-09-27T20:16:37Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "s3:*", 11 | "s3-object-lambda:*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonS3ObjectLambdaExecutionRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-08-18T10:07:41Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "logs:CreateLogGroup", 11 | "logs:CreateLogStream", 12 | "logs:PutLogEvents", 13 | "s3-object-lambda:WriteGetObjectResponse" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonS3ReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-08-10T21:31:39Z", 4 | "VersionId": "v3", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "s3:Get*", 11 | "s3:List*", 12 | "s3:Describe*", 13 | "s3-object-lambda:Get*", 14 | "s3-object-lambda:List*" 15 | ], 16 | "Resource": "*", 17 | "Effect": "Allow" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AmazonS3TablesFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-12-03T15:21:07Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "s3tables:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonS3TablesReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-12-03T15:21:06Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "s3tables:Get*", 11 | "s3tables:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonSESFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:41:02Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ses:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonSESReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-05-14T12:03:02Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ses:Get*", 11 | "ses:List*", 12 | "ses:BatchGetMetricData" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow", 16 | "Sid": "SESReadOnlyAccess" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonSQSFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:41:07Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sqs:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonSSMAutomationApproverAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-08-07T23:07:28Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ssm:DescribeAutomationExecutions", 11 | "ssm:GetAutomationExecution", 12 | "ssm:SendAutomationSignal" 13 | ], 14 | "Resource": [ 15 | "*" 16 | ], 17 | "Effect": "Allow" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/AmazonSSMDirectoryServiceAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-03-15T17:44:38Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ds:CreateComputer", 11 | "ds:DescribeDirectories" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonSSMReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-05-29T17:44:19Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ssm:Describe*", 11 | "ssm:Get*", 12 | "ssm:List*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonSageMakerMechanicalTurkAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-12-03T16:19:36Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sagemaker:*FlowDefinition", 11 | "sagemaker:*FlowDefinitions" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-02-22T09:53:59Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "codepipeline:StartPipelineExecution", 10 | "Resource": "arn:aws:codepipeline:*:*:sagemaker-*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-02-22T09:54:35Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "firehose:PutRecord", 11 | "firehose:PutRecordBatch" 12 | ], 13 | "Resource": "arn:aws:firehose:*:*:deliverystream/sagemaker-*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonSumerianFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "sumerian:*" 10 | ], 11 | "Resource": "*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v1", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2018-04-24T20:14:16Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonTextractFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-11-28T19:07:42Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "textract:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonTextractServiceRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-11-28T19:12:16Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sns:Publish" 11 | ], 12 | "Resource": "arn:aws:sns:*:*:AmazonTextract*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonTranscribeReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-04-04T16:05:06Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "transcribe:Get*", 11 | "transcribe:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/AmazonVPCReachabilityAnalyzerPathComponentReadPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-05-01T20:38:22Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "network-firewall:Describe*", 11 | "network-firewall:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow", 15 | "Sid": "NetworkFirewallPermissions" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonWorkDocsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-04-16T23:05:11Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "workdocs:*", 11 | "ds:DescribeDirectories", 12 | "ec2:DescribeVpcs", 13 | "ec2:DescribeSubnets" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonWorkDocsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-01-08T23:49:59Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "workdocs:Describe*", 11 | "ds:DescribeDirectories", 12 | "ec2:DescribeVpcs", 13 | "ec2:DescribeSubnets" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AmazonWorkLinkFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "worklink:*" 10 | ], 11 | "Resource": "arn:aws:worklink:*:*:*" 12 | } 13 | ] 14 | }, 15 | "VersionId": "v2", 16 | "IsDefaultVersion": true, 17 | "CreateDate": "2019-09-23T18:37:42Z" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonWorkLinkReadOnly: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "Document": { 4 | "Version": "2012-10-17", 5 | "Statement": [ 6 | { 7 | "Effect": "Allow", 8 | "Action": [ 9 | "worklink:Describe*", 10 | "worklink:List*", 11 | "worklink:Search*" 12 | ], 13 | "Resource": "arn:aws:worklink:*:*:*" 14 | } 15 | ] 16 | }, 17 | "VersionId": "v3", 18 | "IsDefaultVersion": true, 19 | "CreateDate": "2019-09-23T18:37:21Z" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonWorkMailEventsServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-04-16T16:52:43Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "logs:CreateLogGroup", 11 | "logs:CreateLogStream", 12 | "logs:PutLogEvents" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonWorkMailMessageFlowFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-02-11T11:08:35Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "workmailmessageflow:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonWorkMailMessageFlowReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-01-28T12:40:08Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "workmailmessageflow:Get*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/AmazonWorkSpacesApplicationManagerAdminAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-04-09T14:03:18Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "wam:AuthenticatePackager", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/AmazonWorkSpacesSelfServiceAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-06-27T19:22:52Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "workspaces:RebootWorkspaces", 11 | "workspaces:RebuildWorkspaces", 12 | "workspaces:ModifyWorkspaceProperties" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonWorkSpacesServiceAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-03-18T23:32:10Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ec2:CreateNetworkInterface", 11 | "ec2:DeleteNetworkInterface", 12 | "ec2:DescribeNetworkInterfaces" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AmazonZocaloReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:41:14Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "zocalo:Describe*", 11 | "ds:DescribeDirectories", 12 | "ec2:DescribeVpcs", 13 | "ec2:DescribeSubnets" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/AutoScalingNotificationAccessRole: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:41:22Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sqs:SendMessage", 11 | "sqs:GetQueueUrl", 12 | "sns:Publish" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/AutoScalingReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-01-12T19:39:35Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "autoscaling:Describe*", 10 | "Resource": "*", 11 | "Effect": "Allow" 12 | } 13 | ] 14 | }, 15 | "IsDefaultVersion": true 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /policies/CertificateManagerServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-06-25T17:56:49Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "acm-pca:IssueCertificate", 11 | "acm-pca:GetCertificate" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/ClientVPNServiceConnectionsRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-08-12T19:48:06Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "lambda:InvokeFunction" 11 | ], 12 | "Resource": "arn:aws:lambda:*:*:function:AWSClientVPN-*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/CloudSearchFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:39:56Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "cloudsearch:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/CloudSearchReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:39:57Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "cloudsearch:Describe*", 11 | "cloudsearch:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/CloudWatch-CrossAccountAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-07-23T09:59:27Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sts:AssumeRole" 11 | ], 12 | "Resource": [ 13 | "arn:aws:iam::*:role/CloudWatch-CrossAccountSharing*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/CloudWatchActionsEC2Access: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-07-07T00:00:33Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "cloudwatch:Describe*", 11 | "ec2:Describe*", 12 | "ec2:RebootInstances", 13 | "ec2:StopInstances", 14 | "ec2:TerminateInstances" 15 | ], 16 | "Resource": "*", 17 | "Effect": "Allow" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/CloudWatchApplicationInsightsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-11-24T18:48:00Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "applicationinsights:Describe*", 11 | "applicationinsights:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/CloudWatchEventsInvocationAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2016-01-14T18:36:33Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "kinesis:PutRecord" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Sid": "CloudWatchEventsInvocationAccess" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/CloudWatchLogsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2025-05-20T17:07:06Z", 4 | "VersionId": "v3", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "logs:*", 11 | "cloudwatch:GenerateQuery", 12 | "cloudwatch:GenerateQueryResultsSummary" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow", 16 | "Sid": "CloudWatchLogsFullAccess" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/CloudWatchNetworkFlowMonitorAgentPublishPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-12-01T22:51:06Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "networkflowmonitor:Publish" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/CloudWatchSyntheticsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-03-06T19:26:01Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "synthetics:Describe*", 11 | "synthetics:Get*", 12 | "synthetics:List*" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/ComprehendDataAccessRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-03-06T22:28:15Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": { 8 | "Action": [ 9 | "s3:GetObject", 10 | "s3:ListBucket", 11 | "s3:PutObject" 12 | ], 13 | "Resource": [ 14 | "arn:aws:s3:::*Comprehend*", 15 | "arn:aws:s3:::*comprehend*" 16 | ], 17 | "Effect": "Allow" 18 | } 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/ComprehendFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-12-05T01:36:24Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "comprehend:*", 11 | "s3:ListAllMyBuckets", 12 | "s3:ListBucket", 13 | "s3:GetBucketLocation", 14 | "iam:ListRoles", 15 | "iam:GetRole" 16 | ], 17 | "Resource": "*", 18 | "Effect": "Allow" 19 | } 20 | ] 21 | }, 22 | "IsDefaultVersion": true 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /policies/ComprehendMedicalFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-11-27T17:55:52Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "comprehendmedical:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/EC2InstanceConnect: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-06-27T18:53:34Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ec2:DescribeInstances", 11 | "ec2-instance-connect:SendSSHPublicKey" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow", 15 | "Sid": "EC2InstanceConnect" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/ECRReplicationServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-04T22:11:28Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ecr:CreateRepository", 11 | "ecr:ReplicateImage" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/ECRTemplateServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-06-19T23:11:37Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ecr:CreateRepository" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow", 14 | "Sid": "CreateRepositoryWithTemplate" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/EMRDescribeClusterPolicyForEMRWAL: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-06-15T23:30:22Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elasticmapreduce:DescribeCluster" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/ElementalActivationsDownloadSoftwareAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-09-08T17:26:09Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elemental-activations:Get*", 11 | "elemental-activations:Download*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/ElementalActivationsFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-06-04T21:00:13Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elemental-activations:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/ElementalActivationsGenerateLicenses: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-08-28T18:28:58Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elemental-activations:Get*", 11 | "elemental-activations:GenerateLicenses", 12 | "elemental-activations:StartFileUpload", 13 | "elemental-activations:CompleteFileUpload" 14 | ], 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/ElementalActivationsReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-08-28T16:51:01Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elemental-activations:Get*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/ElementalAppliancesSoftwareFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-02-05T21:01:25Z", 4 | "VersionId": "v4", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elemental-appliances-software:*", 11 | "elemental-activations:CompleteAccountRegistration" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/ElementalAppliancesSoftwareReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-04-01T22:31:09Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elemental-appliances-software:List*", 11 | "elemental-appliances-software:Get*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/ElementalSupportCenterFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2021-02-05T21:02:54Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "elemental-support-cases:*", 11 | "elemental-support-content:*", 12 | "elemental-activations:CompleteAccountRegistration" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/GlobalAcceleratorReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-11-27T02:41:00Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "globalaccelerator:Describe*", 11 | "globalaccelerator:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/GreengrassOTAUpdateArtifactAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-12-18T00:59:43Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "s3:GetObject" 11 | ], 12 | "Resource": [ 13 | "arn:aws:s3:::*-greengrass-updates/*" 14 | ], 15 | "Effect": "Allow", 16 | "Sid": "AllowsIotToAccessGreengrassOTAUpdateArtifacts" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/GroundTruthSyntheticConsoleFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-08-25T15:58:49Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sagemaker-groundtruth-synthetic:*", 11 | "s3:ListBucket" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/GroundTruthSyntheticConsoleReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-08-25T15:58:49Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "sagemaker-groundtruth-synthetic:List*", 11 | "sagemaker-groundtruth-synthetic:Get*", 12 | "s3:ListBucket" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/IVSFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-12-13T21:20:21Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "ivs:*", 11 | "ivschat:*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow", 15 | "Sid": "IVSFullAccess" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/IVSRecordToS3: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-12-05T00:10:43Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "s3:PutObject" 11 | ], 12 | "Resource": [ 13 | "arn:aws:s3:::AWSIVS_*/ivs/*" 14 | ], 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/LakeFormationDataAccessServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-02-06T18:37:31Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "s3:ListAllMyBuckets" 11 | ], 12 | "Resource": [ 13 | "arn:aws:s3:::*" 14 | ], 15 | "Effect": "Allow", 16 | "Sid": "LakeFormationDataAccessServiceRolePolicy" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/LexChannelPolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2017-02-17T23:23:24Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "lex:PostText" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/MediaConnectGatewayInstanceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-03-22T20:43:25Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "mediaconnect:DiscoverGatewayPollEndpoint", 11 | "mediaconnect:PollGateway", 12 | "mediaconnect:SubmitGatewayStateChange" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow", 16 | "Sid": "MediaConnectGateway" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/MonitronServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-05-02T19:22:03Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "logs:CreateLogGroup", 11 | "logs:CreateLogStream", 12 | "logs:PutLogEvents" 13 | ], 14 | "Resource": [ 15 | "arn:aws:logs:*:*:log-group:/aws/monitron/*" 16 | ], 17 | "Effect": "Allow" 18 | } 19 | ] 20 | }, 21 | "IsDefaultVersion": true 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /policies/OAMFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-11-27T13:38:29Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "oam:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/OAMReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2022-11-27T13:29:39Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "oam:Get*", 11 | "oam:List*" 12 | ], 13 | "Resource": "*", 14 | "Effect": "Allow" 15 | } 16 | ] 17 | }, 18 | "IsDefaultVersion": true 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /policies/ResourceGroupsServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-01-05T16:57:08Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "tag:GetResources", 11 | "cloudformation:DescribeStacks", 12 | "cloudformation:ListStackResources" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /policies/SMSVoiceServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2024-11-14T17:04:34Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "cloudwatch:PutMetricData", 10 | "Resource": "*", 11 | "Effect": "Allow", 12 | "Condition": { 13 | "StringEquals": { 14 | "cloudwatch:namespace": "AWS/SMSVoice" 15 | } 16 | } 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/ServerMigrationServiceRoleForInstanceValidation: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2020-07-20T22:25:07Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": "s3:GetObject", 10 | "Resource": "arn:aws:s3:::sms-app-*/*", 11 | "Effect": "Allow" 12 | }, 13 | { 14 | "Action": "sms:NotifyAppValidationOutput", 15 | "Resource": "*", 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/ServiceQuotasServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2019-06-24T14:52:56Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "support:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/SimpleWorkflowFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2015-02-06T18:41:04Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "swf:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/VPCLatticeServicesInvokeAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-03-30T02:45:07Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "vpc-lattice-svcs:Invoke" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/WAFLoggingServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-08-24T21:05:47Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "firehose:PutRecord", 11 | "firehose:PutRecordBatch" 12 | ], 13 | "Resource": [ 14 | "arn:aws:firehose:*:*:deliverystream/aws-waf-logs-*" 15 | ], 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/WAFRegionalLoggingServiceRolePolicy: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-08-24T18:40:55Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "firehose:PutRecord", 11 | "firehose:PutRecordBatch" 12 | ], 13 | "Resource": [ 14 | "arn:aws:firehose:*:*:deliverystream/aws-waf-logs-*" 15 | ], 16 | "Effect": "Allow" 17 | } 18 | ] 19 | }, 20 | "IsDefaultVersion": true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /policies/WellArchitectedConsoleFullAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2018-11-29T18:19:23Z", 4 | "VersionId": "v1", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "wellarchitected:*" 11 | ], 12 | "Resource": "*", 13 | "Effect": "Allow" 14 | } 15 | ] 16 | }, 17 | "IsDefaultVersion": true 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /policies/WellArchitectedConsoleReadOnlyAccess: -------------------------------------------------------------------------------- 1 | { 2 | "PolicyVersion": { 3 | "CreateDate": "2023-06-29T17:16:13Z", 4 | "VersionId": "v2", 5 | "Document": { 6 | "Version": "2012-10-17", 7 | "Statement": [ 8 | { 9 | "Action": [ 10 | "wellarchitected:Get*", 11 | "wellarchitected:List*", 12 | "wellarchitected:ExportLens" 13 | ], 14 | "Resource": "*", 15 | "Effect": "Allow" 16 | } 17 | ] 18 | }, 19 | "IsDefaultVersion": true 20 | } 21 | } 22 | --------------------------------------------------------------------------------