Merge pull request #1110 from udondan/iam-updates

CHANGELOG/v0.668.0.md

@@ -0,0 +1,19 @@
+**New actions:**
+
+- cloudtrail:SearchSampleQueries
+- deadline:CreateLimit
+- deadline:CreateQueueLimitAssociation
+- deadline:DeleteLimit
+- deadline:DeleteQueueLimitAssociation
+- deadline:GetLimit
+- deadline:GetQueueLimitAssociation
+- deadline:ListLimits
+- deadline:ListQueueLimitAssociations
+- deadline:UpdateLimit
+- deadline:UpdateQueueLimitAssociation
+- transcribe:GetMedicalScribeStream
+- transcribe:StartMedicalScribeStream
+
+**Updated action access level:**
+
+- deadline:GetJobTemplate: Write -> Read

README.md

@@ -17,7 +17,7 @@
 Support for:
 
 - 417 Services
-- 18222 Actions
+- 18235 Actions
 - 1960 Resource Types
 - 1909 Condition keys
 <!-- /stats -->

VERSION

@@ -1 +1 @@
-0.667.0
+0.668.0

docs/source/conf.py

@@ -24,7 +24,7 @@
 author = 'Daniel Schroeder'
 
 # The full version, including alpha/beta/rc tags
-release = '0.667.0'
+release = '0.668.0'
 
 # -- General configuration ---------------------------------------------------
 

docs/source/index.rst

@@ -31,7 +31,7 @@ AWS IAM policy statement generator with fluent interface.
 Support for:
 
 - 417 Services
-- 18222 Actions
+- 18235 Actions
 - 1960 Resource Types
 - 1909 Condition keys
 

lib/generated/policy-statements/cloudtrail.ts

@@ -640,6 +640,17 @@ export class Cloudtrail extends PolicyStatement {
     return this.to('RestoreEventDataStore');
   }
 
+  /**
+   * Grants permission to perform semantic search for CloudTrail Lake sample queries
+   *
+   * Access Level: Read
+   *
+   * https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-console-queries.html
+   */
+  public toSearchSampleQueries() {
+    return this.to('SearchSampleQueries');
+  }
+
   /**
    * Grants permission to start a refresh on the specified dashboard
    *
@@ -866,7 +877,8 @@ export class Cloudtrail extends PolicyStatement {
       'ListImportFailures',
       'ListPublicKeys',
       'ListTags',
-      'LookupEvents'
+      'LookupEvents',
+      'SearchSampleQueries'
     ],
     List: [
       'ListChannels',

lib/generated/policy-statements/deadlinecloud.ts

@@ -247,6 +247,7 @@ export class Deadline extends PolicyStatement {
    * Access Level: Write
    *
    * Dependent actions:
+   * - deadline:GetJobTemplate
    * - identitystore:ListGroupMembershipsForMember
    *
    * https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_CreateJob.html
@@ -276,6 +277,20 @@ export class Deadline extends PolicyStatement {
     return this.to('CreateLicenseEndpoint');
   }
 
+  /**
+   * Grants permission to create a limit for a farm
+   *
+   * Access Level: Write
+   *
+   * Dependent actions:
+   * - identitystore:ListGroupMembershipsForMember
+   *
+   * https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_CreateLimit.html
+   */
+  public toCreateLimit() {
+    return this.to('CreateLimit');
+  }
+
   /**
    * Grants permission to create a monitor
    *
@@ -345,6 +360,20 @@ export class Deadline extends PolicyStatement {
     return this.to('CreateQueueFleetAssociation');
   }
 
+  /**
+   * Grants permission to create a queue-limit association
+   *
+   * Access Level: Write
+   *
+   * Dependent actions:
+   * - identitystore:ListGroupMembershipsForMember
+   *
+   * https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_CreateQueueLimitAssociation.html
+   */
+  public toCreateQueueLimitAssociation() {
+    return this.to('CreateQueueLimitAssociation');
+  }
+
   /**
    * Grants permission to create a storage profile for a farm
    *
@@ -427,6 +456,20 @@ export class Deadline extends PolicyStatement {
     return this.to('DeleteLicenseEndpoint');
   }
 
+  /**
+   * Grants permission to delete a limit
+   *
+   * Access Level: Write
+   *
+   * Dependent actions:
+   * - identitystore:ListGroupMembershipsForMember
+   *
+   * https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_DeleteLimit.html
+   */
+  public toDeleteLimit() {
+    return this.to('DeleteLimit');
+  }
+
   /**
    * Grants permission to delete a metered product
    *
@@ -494,6 +537,20 @@ export class Deadline extends PolicyStatement {
     return this.to('DeleteQueueFleetAssociation');
   }
 
+  /**
+   * Grants permission to delete a queue-limit association
+   *
+   * Access Level: Write
+   *
+   * Dependent actions:
+   * - identitystore:ListGroupMembershipsForMember
+   *
+   * https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_DeleteQueueLimitAssociation.html
+   */
+  public toDeleteQueueLimitAssociation() {
+    return this.to('DeleteQueueLimitAssociation');
+  }
+
   /**
    * Grants permission to delete a storage profile
    *
@@ -657,7 +714,7 @@ export class Deadline extends PolicyStatement {
   /**
    * Grants permission to read job template
    *
-   * Access Level: Write
+   * Access Level: Read
    */
   public toGetJobTemplate() {
     return this.to('GetJobTemplate');
@@ -674,6 +731,20 @@ export class Deadline extends PolicyStatement {
     return this.to('GetLicenseEndpoint');
   }
 
+  /**
+   * Grants permission to get a limit
+   *
+   * Access Level: Read
+   *
+   * Dependent actions:
+   * - identitystore:ListGroupMembershipsForMember
+   *
+   * https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_GetLimit.html
+   */
+  public toGetLimit() {
+    return this.to('GetLimit');
+  }
+
   /**
    * Grants permission to get a monitor
    *
@@ -727,6 +798,20 @@ export class Deadline extends PolicyStatement {
     return this.to('GetQueueFleetAssociation');
   }
 
+  /**
+   * Grants permission to get a queue-limit association
+   *
+   * Access Level: Read
+   *
+   * Dependent actions:
+   * - identitystore:ListGroupMembershipsForMember
+   *
+   * https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_GetQueueLimitAssociation.html
+   */
+  public toGetQueueLimitAssociation() {
+    return this.to('GetQueueLimitAssociation');
+  }
+
   /**
    * Grants permission to get a session for a job
    *
@@ -991,6 +1076,20 @@ export class Deadline extends PolicyStatement {
     return this.to('ListLicenseEndpoints');
   }
 
+  /**
+   * Grants permission to list all limits in a farm
+   *
+   * Access Level: List
+   *
+   * Dependent actions:
+   * - identitystore:ListGroupMembershipsForMember
+   *
+   * https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_ListLimits.html
+   */
+  public toListLimits() {
+    return this.to('ListLimits');
+  }
+
   /**
    * Grants permission to list all metered products in a license endpoint
    *
@@ -1041,6 +1140,20 @@ export class Deadline extends PolicyStatement {
     return this.to('ListQueueFleetAssociations');
   }
 
+  /**
+   * Grants permission to list all queue-limit associations
+   *
+   * Access Level: List
+   *
+   * Dependent actions:
+   * - identitystore:ListGroupMembershipsForMember
+   *
+   * https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_ListQueueLimitAssociations.html
+   */
+  public toListQueueLimitAssociations() {
+    return this.to('ListQueueLimitAssociations');
+  }
+
   /**
    * Grants permission to list all members in a queue
    *
@@ -1393,6 +1506,20 @@ export class Deadline extends PolicyStatement {
     return this.to('UpdateJob');
   }
 
+  /**
+   * Grants permission to update a limit for a farm
+   *
+   * Access Level: Write
+   *
+   * Dependent actions:
+   * - identitystore:ListGroupMembershipsForMember
+   *
+   * https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_UpdateLimit.html
+   */
+  public toUpdateLimit() {
+    return this.to('UpdateLimit');
+  }
+
   /**
    * Grants permission to update a monitor
    *
@@ -1452,6 +1579,20 @@ export class Deadline extends PolicyStatement {
     return this.to('UpdateQueueFleetAssociation');
   }
 
+  /**
+   * Grants permission to update a queue-limit association
+   *
+   * Access Level: Write
+   *
+   * Dependent actions:
+   * - identitystore:ListGroupMembershipsForMember
+   *
+   * https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_UpdateQueueLimitAssociation.html
+   */
+  public toUpdateQueueLimitAssociation() {
+    return this.to('UpdateQueueLimitAssociation');
+  }
+
   /**
    * Grants permission to update a session for a job
    *
@@ -1559,33 +1700,38 @@ export class Deadline extends PolicyStatement {
       'CreateFleet',
       'CreateJob',
       'CreateLicenseEndpoint',
+      'CreateLimit',
       'CreateMonitor',
       'CreateQueue',
       'CreateQueueEnvironment',
       'CreateQueueFleetAssociation',
+      'CreateQueueLimitAssociation',
       'CreateStorageProfile',
       'CreateWorker',
       'DeleteBudget',
       'DeleteFarm',
       'DeleteFleet',
       'DeleteLicenseEndpoint',
+      'DeleteLimit',
       'DeleteMeteredProduct',
       'DeleteMonitor',
       'DeleteQueue',
       'DeleteQueueEnvironment',
       'DeleteQueueFleetAssociation',
+      'DeleteQueueLimitAssociation',
       'DeleteStorageProfile',
       'DeleteWorker',
-      'GetJobTemplate',
       'PutMeteredProduct',
       'UpdateBudget',
       'UpdateFarm',
       'UpdateFleet',
       'UpdateJob',
+      'UpdateLimit',
       'UpdateMonitor',
       'UpdateQueue',
       'UpdateQueueEnvironment',
       'UpdateQueueFleetAssociation',
+      'UpdateQueueLimitAssociation',
       'UpdateSession',
       'UpdateStep',
       'UpdateStorageProfile',
@@ -1600,11 +1746,14 @@ export class Deadline extends PolicyStatement {
       'GetFarm',
       'GetFleet',
       'GetJob',
+      'GetJobTemplate',
       'GetLicenseEndpoint',
+      'GetLimit',
       'GetMonitor',
       'GetQueue',
       'GetQueueEnvironment',
       'GetQueueFleetAssociation',
+      'GetQueueLimitAssociation',
       'GetSession',
       'GetSessionAction',
       'GetSessionsStatisticsAggregation',
@@ -1626,10 +1775,12 @@ export class Deadline extends PolicyStatement {
       'ListJobParameterDefinitions',
       'ListJobs',
       'ListLicenseEndpoints',
+      'ListLimits',
       'ListMeteredProducts',
       'ListMonitors',
       'ListQueueEnvironments',
       'ListQueueFleetAssociations',
+      'ListQueueLimitAssociations',
       'ListQueueMembers',
       'ListQueues',
       'ListSessionActions',

lib/generated/policy-statements/elasticcontainerservice.ts

@@ -1011,7 +1011,7 @@ export class Ecs extends PolicyStatement {
   /**
    * Adds a resource of type container-instance to the statement
    *
-   * https://docs.aws.amazon.com/AmazonECS/latest/developerguide/manage-capacity.html
+   * https://docs.aws.amazon.com/AmazonECS/latest/developerguide/create-capacity.html
    *
    * @param clusterName - Identifier for the clusterName.
    * @param containerInstanceId - Identifier for the containerInstanceId.
@@ -1129,7 +1129,7 @@ export class Ecs extends PolicyStatement {
   /**
    * Adds a resource of type capacity-provider to the statement
    *
-   * https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-capacity-providers.html
+   * https://docs.aws.amazon.com/AmazonECS/latest/developerguide/create-capacity-provider-console-v2.html
    *
    * @param capacityProviderName - Identifier for the capacityProviderName.
    * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.

lib/generated/policy-statements/licensemanager.ts

@@ -689,7 +689,7 @@ export class LicenseManager extends PolicyStatement {
   /**
    * Adds a resource of type report-generator to the statement
    *
-   * https://docs.aws.amazon.com/license-manager/latest/userguide/report-generators.html
+   * https://docs.aws.amazon.com/license-manager/latest/userguide/license-reporting.html
    *
    * @param reportGeneratorId - Identifier for the reportGeneratorId.
    * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.