Instantly share code, notes, and snippets.

Embed
What would you like to do?
A list of all AWS managed policies and they're policy documents as well as a short script to generate the list
<
{
"APIGatewayServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/APIGatewayServiceRolePolicy",
"AttachmentCount": 1,
"CreateDate": "2018-08-10T17:57:44+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"elasticloadbalancing:AddListenerCertificates",
"elasticloadbalancing:RemoveListenerCertificates",
"elasticloadbalancing:ModifyListener",
"xray:PutTraceSegments",
"xray:PutTelemetryRecords",
"xray:GetSamplingTargets",
"xray:GetSamplingRules"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQQDZNLDBF2ULTWK6",
"PolicyName": "APIGatewayServiceRolePolicy",
"UpdateDate": "2018-08-10T17:57:44+00:00",
"VersionId": "v3"
},
"AWSAccountActivityAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSAccountActivityAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:18+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"aws-portal:ViewBilling"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQRYCWMFX5J3E333K",
"PolicyName": "AWSAccountActivityAccess",
"UpdateDate": "2015-02-06T18:41:18+00:00",
"VersionId": "v1"
},
"AWSAccountUsageReportAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSAccountUsageReportAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:19+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"aws-portal:ViewUsage"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLIB4VSBVO47ZSBB6",
"PolicyName": "AWSAccountUsageReportAccess",
"UpdateDate": "2015-02-06T18:41:19+00:00",
"VersionId": "v1"
},
"AWSAgentlessDiscoveryService": {
"Arn": "arn:aws:iam::aws:policy/AWSAgentlessDiscoveryService",
"AttachmentCount": 0,
"CreateDate": "2016-08-02T01:35:11+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"awsconnector:RegisterConnector",
"awsconnector:GetConnectorHealth"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:GetUser",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::connector-platform-upgrade-info/*",
"arn:aws:s3:::connector-platform-upgrade-info",
"arn:aws:s3:::connector-platform-upgrade-bundles/*",
"arn:aws:s3:::connector-platform-upgrade-bundles",
"arn:aws:s3:::connector-platform-release-notes/*",
"arn:aws:s3:::connector-platform-release-notes",
"arn:aws:s3:::prod.agentless.discovery.connector.upgrade/*",
"arn:aws:s3:::prod.agentless.discovery.connector.upgrade"
]
},
{
"Action": [
"s3:PutObject",
"s3:PutObjectAcl"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::import-to-ec2-connector-debug-logs/*"
]
},
{
"Action": [
"SNS:Publish"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:metrics-sns-topic-for-*"
},
{
"Action": [
"Discovery:*"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "Discovery"
},
{
"Action": [
"arsenal:RegisterOnPremisesAgent"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "arsenal"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIA3DIL7BYQ35ISM4K",
"PolicyName": "AWSAgentlessDiscoveryService",
"UpdateDate": "2016-08-02T01:35:11+00:00",
"VersionId": "v1"
},
"AWSAppSyncAdministrator": {
"Arn": "arn:aws:iam::aws:policy/AWSAppSyncAdministrator",
"AttachmentCount": 0,
"CreateDate": "2018-03-20T21:20:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"appsync:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"appsync.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBYY36AJPXTTWIXCY",
"PolicyName": "AWSAppSyncAdministrator",
"UpdateDate": "2018-03-20T21:20:28+00:00",
"VersionId": "v1"
},
"AWSAppSyncInvokeFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSAppSyncInvokeFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-03-20T21:21:20+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"appsync:GraphQL",
"appsync:GetGraphqlApi",
"appsync:ListGraphqlApis",
"appsync:ListApiKeys"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILMPWRRZN27MPE3VM",
"PolicyName": "AWSAppSyncInvokeFullAccess",
"UpdateDate": "2018-03-20T21:21:20+00:00",
"VersionId": "v1"
},
"AWSAppSyncPushToCloudWatchLogs": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs",
"AttachmentCount": 0,
"CreateDate": "2018-04-09T19:38:55+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIWN7WNO34HLMJPUQS",
"PolicyName": "AWSAppSyncPushToCloudWatchLogs",
"UpdateDate": "2018-04-09T19:38:55+00:00",
"VersionId": "v1"
},
"AWSAppSyncSchemaAuthor": {
"Arn": "arn:aws:iam::aws:policy/AWSAppSyncSchemaAuthor",
"AttachmentCount": 0,
"CreateDate": "2018-03-20T21:21:06+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"appsync:GraphQL",
"appsync:CreateResolver",
"appsync:CreateType",
"appsync:DeleteResolver",
"appsync:DeleteType",
"appsync:GetResolver",
"appsync:GetType",
"appsync:GetDataSource",
"appsync:GetSchemaCreationStatus",
"appsync:GetIntrospectionSchema",
"appsync:GetGraphqlApi",
"appsync:ListTypes",
"appsync:ListApiKeys",
"appsync:ListResolvers",
"appsync:ListDataSources",
"appsync:ListGraphqlApis",
"appsync:StartSchemaCreation",
"appsync:UpdateResolver",
"appsync:UpdateType"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUCF5WVTOFQXFKY5E",
"PolicyName": "AWSAppSyncSchemaAuthor",
"UpdateDate": "2018-03-20T21:21:06+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoScalingCustomResourcePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoScalingCustomResourcePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-06-04T23:22:44+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"execute-api:Invoke",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJYTKXPX6DO32Z4XXA",
"PolicyName": "AWSApplicationAutoScalingCustomResourcePolicy",
"UpdateDate": "2018-06-04T23:22:44+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingAppStreamFleetPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingAppStreamFleetPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-20T19:04:06+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"appstream:UpdateFleet",
"appstream:DescribeFleets",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIRI724OWKP56ZG62M",
"PolicyName": "AWSApplicationAutoscalingAppStreamFleetPolicy",
"UpdateDate": "2017-10-20T19:04:06+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingDynamoDBTablePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingDynamoDBTablePolicy",
"AttachmentCount": 1,
"CreateDate": "2017-10-20T21:34:57+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"dynamodb:DescribeTable",
"dynamodb:UpdateTable",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJOVQMDI3JFCBW4LFO",
"PolicyName": "AWSApplicationAutoscalingDynamoDBTablePolicy",
"UpdateDate": "2017-10-20T21:34:57+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingEC2SpotFleetRequestPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEC2SpotFleetRequestPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-25T18:23:27+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeSpotFleetRequests",
"ec2:ModifySpotFleetRequest",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJNRH3VE3WW4Q4RDTU",
"PolicyName": "AWSApplicationAutoscalingEC2SpotFleetRequestPolicy",
"UpdateDate": "2017-10-25T18:23:27+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingECSServicePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingECSServicePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-25T23:53:08+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ecs:DescribeServices",
"ecs:UpdateService",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFXLLV7AKH5PSFOYG",
"PolicyName": "AWSApplicationAutoscalingECSServicePolicy",
"UpdateDate": "2017-10-25T23:53:08+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingEMRInstanceGroupPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEMRInstanceGroupPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-26T00:57:39+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"elasticmapreduce:ListInstanceGroups",
"elasticmapreduce:ModifyInstanceGroups",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQ6M5Z7LQY2YSG2JS",
"PolicyName": "AWSApplicationAutoscalingEMRInstanceGroupPolicy",
"UpdateDate": "2017-10-26T00:57:39+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingRDSClusterPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingRDSClusterPolicy",
"AttachmentCount": 0,
"CreateDate": "2018-08-07T19:14:24+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"rds:AddTagsToResource",
"rds:CreateDBInstance",
"rds:DeleteDBInstance",
"rds:DescribeDBClusters",
"rds:DescribeDBInstances",
"rds:ModifyDBCluster",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": "rds.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7XS52I27Q2JVKALU",
"PolicyName": "AWSApplicationAutoscalingRDSClusterPolicy",
"UpdateDate": "2018-08-07T19:14:24+00:00",
"VersionId": "v3"
},
"AWSApplicationAutoscalingSageMakerEndpointPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingSageMakerEndpointPolicy",
"AttachmentCount": 0,
"CreateDate": "2018-02-06T19:58:21+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sagemaker:DescribeEndpoint",
"sagemaker:DescribeEndpointConfig",
"sagemaker:UpdateEndpointWeightsAndCapacities",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI5DBEBNRZQ4SXYTAW",
"PolicyName": "AWSApplicationAutoscalingSageMakerEndpointPolicy",
"UpdateDate": "2018-02-06T19:58:21+00:00",
"VersionId": "v1"
},
"AWSApplicationDiscoveryAgentAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentAccess",
"AttachmentCount": 0,
"CreateDate": "2016-05-11T21:38:47+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"arsenal:RegisterOnPremisesAgent"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAICZIOVAGC6JPF3WHC",
"PolicyName": "AWSApplicationDiscoveryAgentAccess",
"UpdateDate": "2016-05-11T21:38:47+00:00",
"VersionId": "v1"
},
"AWSApplicationDiscoveryServiceFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSApplicationDiscoveryServiceFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-08-16T16:02:27+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"mgh:*",
"discovery:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:GetRole"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "continuousexport.discovery.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/continuousexport.discovery.amazonaws.com/AWSServiceRoleForApplicationDiscoveryServiceContinuousExport*"
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/continuousexport.discovery.amazonaws.com/AWSServiceRoleForApplicationDiscoveryServiceContinuousExport*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBNJEA6ZXM2SBOPDU",
"PolicyName": "AWSApplicationDiscoveryServiceFullAccess",
"UpdateDate": "2018-08-16T16:02:27+00:00",
"VersionId": "v3"
},
"AWSArtifactAccountSync": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSArtifactAccountSync",
"AttachmentCount": 0,
"CreateDate": "2018-04-10T23:04:33+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"organizations:ListAccounts",
"organizations:DescribeOrganization"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJMVPXRWZJZWDTYDNC",
"PolicyName": "AWSArtifactAccountSync",
"UpdateDate": "2018-04-10T23:04:33+00:00",
"VersionId": "v1"
},
"AWSAutoScalingPlansEC2AutoScalingPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSAutoScalingPlansEC2AutoScalingPolicy",
"AttachmentCount": 0,
"CreateDate": "2018-08-23T22:46:59+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:GetMetricData",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeScheduledActions",
"autoscaling:BatchPutScheduledUpdateGroupAction",
"autoscaling:BatchDeleteScheduledAction"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIXWLPZPD4RYBM3JSU",
"PolicyName": "AWSAutoScalingPlansEC2AutoScalingPolicy",
"UpdateDate": "2018-08-23T22:46:59+00:00",
"VersionId": "v1"
},
"AWSBatchFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSBatchFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-05T21:09:23+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"batch:*",
"cloudwatch:GetMetricStatistics",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeKeyPairs",
"ec2:DescribeVpcs",
"ec2:DescribeImages",
"ec2:DescribeLaunchTemplates",
"ec2:DescribeLaunchTemplateVersions",
"ecs:DescribeClusters",
"ecs:Describe*",
"ecs:List*",
"logs:Describe*",
"logs:Get*",
"logs:TestMetricFilter",
"logs:FilterLogEvents",
"iam:ListInstanceProfiles",
"iam:ListRoles"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/AWSBatchServiceRole",
"arn:aws:iam::*:role/service-role/AWSBatchServiceRole",
"arn:aws:iam::*:role/ecsInstanceRole",
"arn:aws:iam::*:instance-profile/ecsInstanceRole",
"arn:aws:iam::*:role/iaws-ec2-spot-fleet-role",
"arn:aws:iam::*:role/aws-ec2-spot-fleet-role",
"arn:aws:iam::*:role/AWSBatchJobRole*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7K2KIWB3HZVK3CUO",
"PolicyName": "AWSBatchFullAccess",
"UpdateDate": "2018-11-05T21:09:23+00:00",
"VersionId": "v5"
},
"AWSBatchServiceEventTargetRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSBatchServiceEventTargetRole",
"AttachmentCount": 0,
"CreateDate": "2018-02-28T22:31:13+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"batch:SubmitJob"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAICVHHZ6XHNMA6VE3Q",
"PolicyName": "AWSBatchServiceEventTargetRole",
"UpdateDate": "2018-02-28T22:31:13+00:00",
"VersionId": "v1"
},
"AWSBatchServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole",
"AttachmentCount": 1,
"CreateDate": "2018-10-30T19:00:56+00:00",
"DefaultVersionId": "v9",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeAccountAttributes",
"ec2:DescribeInstances",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeKeyPairs",
"ec2:DescribeImages",
"ec2:DescribeImageAttribute",
"ec2:DescribeSpotInstanceRequests",
"ec2:DescribeSpotFleetInstances",
"ec2:DescribeSpotFleetRequests",
"ec2:DescribeSpotPriceHistory",
"ec2:DescribeVpcClassicLink",
"ec2:DescribeLaunchTemplateVersions",
"ec2:CreateLaunchTemplate",
"ec2:DeleteLaunchTemplate",
"ec2:RequestSpotFleet",
"ec2:CancelSpotFleetRequests",
"ec2:ModifySpotFleetRequest",
"ec2:TerminateInstances",
"ec2:RunInstances",
"autoscaling:DescribeAccountLimits",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeLaunchConfigurations",
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:CreateLaunchConfiguration",
"autoscaling:CreateAutoScalingGroup",
"autoscaling:UpdateAutoScalingGroup",
"autoscaling:SetDesiredCapacity",
"autoscaling:DeleteLaunchConfiguration",
"autoscaling:DeleteAutoScalingGroup",
"autoscaling:CreateOrUpdateTags",
"autoscaling:SuspendProcesses",
"autoscaling:PutNotificationConfiguration",
"autoscaling:TerminateInstanceInAutoScalingGroup",
"ecs:DescribeClusters",
"ecs:DescribeContainerInstances",
"ecs:DescribeTaskDefinition",
"ecs:DescribeTasks",
"ecs:ListClusters",
"ecs:ListContainerInstances",
"ecs:ListTaskDefinitionFamilies",
"ecs:ListTaskDefinitions",
"ecs:ListTasks",
"ecs:CreateCluster",
"ecs:DeleteCluster",
"ecs:RegisterTaskDefinition",
"ecs:DeregisterTaskDefinition",
"ecs:RunTask",
"ecs:StartTask",
"ecs:StopTask",
"ecs:UpdateContainerAgent",
"ecs:DeregisterContainerInstance",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogGroups",
"iam:GetInstanceProfile",
"iam:GetRole"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"ec2.amazonaws.com",
"ecs-tasks.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": [
"spot.amazonaws.com",
"spotfleet.amazonaws.com",
"autoscaling.amazonaws.com",
"ecs.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:CreateTags"
],
"Condition": {
"StringEquals": {
"ec2:CreateAction": "RunInstances"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUETIXPCKASQJURFE",
"PolicyName": "AWSBatchServiceRole",
"UpdateDate": "2018-10-30T19:00:56+00:00",
"VersionId": "v9"
},
"AWSCertificateManagerFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-01-21T17:02:36+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"acm:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJYCHABBP6VQIVBCBQ",
"PolicyName": "AWSCertificateManagerFullAccess",
"UpdateDate": "2016-01-21T17:02:36+00:00",
"VersionId": "v1"
},
"AWSCertificateManagerPrivateCAAuditor": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAAuditor",
"AttachmentCount": 0,
"CreateDate": "2018-10-23T16:51:08+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": {
"Action": [
"acm-pca:CreateCertificateAuthorityAuditReport",
"acm-pca:DescribeCertificateAuthority",
"acm-pca:DescribeCertificateAuthorityAuditReport",
"acm-pca:GetCertificateAuthorityCsr",
"acm-pca:GetCertificateAuthorityCertificate",
"acm-pca:GetCertificate",
"acm-pca:ListCertificateAuthorities",
"acm-pca:ListTags"
],
"Effect": "Allow",
"Resource": "arn:aws:acm-pca:*:*:certificate-authority/*"
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJW77VE4UEBJ4PEXEY",
"PolicyName": "AWSCertificateManagerPrivateCAAuditor",
"UpdateDate": "2018-10-23T16:51:08+00:00",
"VersionId": "v1"
},
"AWSCertificateManagerPrivateCAFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-10-23T16:54:50+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"acm-pca:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIRTQUC55CREAWFLBG",
"PolicyName": "AWSCertificateManagerPrivateCAFullAccess",
"UpdateDate": "2018-10-23T16:54:50+00:00",
"VersionId": "v1"
},
"AWSCertificateManagerPrivateCAReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAReadOnly",
"AttachmentCount": 0,
"CreateDate": "2018-10-23T16:57:04+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": {
"Action": [
"acm-pca:DescribeCertificateAuthority",
"acm-pca:DescribeCertificateAuthorityAuditReport",
"acm-pca:ListCertificateAuthorities",
"acm-pca:GetCertificateAuthorityCsr",
"acm-pca:GetCertificateAuthorityCertificate",
"acm-pca:GetCertificate",
"acm-pca:ListTags"
],
"Effect": "Allow",
"Resource": "*"
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQAQT3WIXOXY7TD4A",
"PolicyName": "AWSCertificateManagerPrivateCAReadOnly",
"UpdateDate": "2018-10-23T16:57:04+00:00",
"VersionId": "v1"
},
"AWSCertificateManagerPrivateCAUser": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAUser",
"AttachmentCount": 0,
"CreateDate": "2018-10-23T16:53:33+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": {
"Action": [
"acm-pca:IssueCertificate",
"acm-pca:RevokeCertificate",
"acm-pca:GetCertificate",
"acm-pca:ListCertificateAuthorities"
],
"Effect": "Allow",
"Resource": "arn:aws:acm-pca:*:*:certificate-authority/*"
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBXCSJJULLMRWSNII",
"PolicyName": "AWSCertificateManagerPrivateCAUser",
"UpdateDate": "2018-10-23T16:53:33+00:00",
"VersionId": "v1"
},
"AWSCertificateManagerReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerReadOnly",
"AttachmentCount": 0,
"CreateDate": "2016-04-21T15:08:16+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": {
"Action": [
"acm:DescribeCertificate",
"acm:ListCertificates",
"acm:GetCertificate",
"acm:ListTagsForCertificate"
],
"Effect": "Allow",
"Resource": "*"
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4GSWX6S4MESJ3EWC",
"PolicyName": "AWSCertificateManagerReadOnly",
"UpdateDate": "2016-04-21T15:08:16+00:00",
"VersionId": "v2"
},
"AWSCloud9Administrator": {
"Arn": "arn:aws:iam::aws:policy/AWSCloud9Administrator",
"AttachmentCount": 0,
"CreateDate": "2017-11-30T16:17:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloud9:*",
"iam:GetUser",
"iam:ListUsers",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringLike": {
"iam:AWSServiceName": "cloud9.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQ4KWP455WDTCBGWK",
"PolicyName": "AWSCloud9Administrator",
"UpdateDate": "2017-11-30T16:17:28+00:00",
"VersionId": "v1"
},
"AWSCloud9EnvironmentMember": {
"Arn": "arn:aws:iam::aws:policy/AWSCloud9EnvironmentMember",
"AttachmentCount": 0,
"CreateDate": "2017-11-30T16:18:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloud9:GetUserSettings",
"cloud9:UpdateUserSettings",
"iam:GetUser",
"iam:ListUsers"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloud9:DescribeEnvironmentMemberships"
],
"Condition": {
"Null": {
"cloud9:EnvironmentId": "true",
"cloud9:UserArn": "true"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI54ULAIPVT5HFTYGK",
"PolicyName": "AWSCloud9EnvironmentMember",
"UpdateDate": "2017-11-30T16:18:28+00:00",
"VersionId": "v1"
},
"AWSCloud9ServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSCloud9ServiceRolePolicy",
"AttachmentCount": 1,
"CreateDate": "2018-02-27T10:20:24+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:RunInstances",
"ec2:CreateSecurityGroup",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeInstances",
"cloudformation:CreateStack",
"cloudformation:DescribeStacks",
"cloudformation:DescribeStackEvents",
"cloudformation:DescribeStackResources"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:TerminateInstances",
"ec2:DeleteSecurityGroup",
"ec2:AuthorizeSecurityGroupIngress"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudformation:DeleteStack"
],
"Effect": "Allow",
"Resource": "arn:aws:cloudformation:*:*:stack/aws-cloud9-*"
},
{
"Action": [
"ec2:CreateTags"
],
"Condition": {
"StringLike": {
"aws:RequestTag/Name": "aws-cloud9-*"
}
},
"Effect": "Allow",
"Resource": "arn:aws:ec2:*:*:instance/*"
},
{
"Action": [
"ec2:StartInstances",
"ec2:StopInstances"
],
"Condition": {
"StringLike": {
"ec2:ResourceTag/aws:cloudformation:stack-name": "aws-cloud9-*"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFXGCBXQIZATFZ4YG",
"PolicyName": "AWSCloud9ServiceRolePolicy",
"UpdateDate": "2018-02-27T10:20:24+00:00",
"VersionId": "v2"
},
"AWSCloud9User": {
"Arn": "arn:aws:iam::aws:policy/AWSCloud9User",
"AttachmentCount": 0,
"CreateDate": "2018-07-02T08:46:37+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"cloud9:ValidateEnvironmentName",
"cloud9:UpdateUserSettings",
"cloud9:GetUserSettings",
"iam:GetUser",
"iam:ListUsers",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloud9:CreateEnvironmentEC2",
"cloud9:CreateEnvironmentSSH"
],
"Condition": {
"Null": {
"cloud9:OwnerArn": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloud9:GetUserPublicKey"
],
"Condition": {
"Null": {
"cloud9:UserArn": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloud9:DescribeEnvironmentMemberships"
],
"Condition": {
"Null": {
"cloud9:EnvironmentId": "true",
"cloud9:UserArn": "true"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringLike": {
"iam:AWSServiceName": "cloud9.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJPFGFWQF67QVARP6U",
"PolicyName": "AWSCloud9User",
"UpdateDate": "2018-07-02T08:46:37+00:00",
"VersionId": "v3"
},
"AWSCloudFormationReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudFormationReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-03T00:12:03+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:Describe*",
"cloudformation:EstimateTemplateCost",
"cloudformation:Get*",
"cloudformation:List*",
"cloudformation:ValidateTemplate"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJWVBEE4I2POWLODLW",
"PolicyName": "AWSCloudFormationReadOnlyAccess",
"UpdateDate": "2017-11-03T00:12:03+00:00",
"VersionId": "v2"
},
"AWSCloudFrontLogger": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSCloudFrontLogger",
"AttachmentCount": 1,
"CreateDate": "2018-06-12T20:15:23+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:/aws/cloudfront/*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIOI7RPKLCNINBTRP4",
"PolicyName": "AWSCloudFrontLogger",
"UpdateDate": "2018-06-12T20:15:23+00:00",
"VersionId": "v1"
},
"AWSCloudHSMFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudHSMFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:51+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "cloudhsm:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIMBQYQZM7F63DA2UU",
"PolicyName": "AWSCloudHSMFullAccess",
"UpdateDate": "2015-02-06T18:39:51+00:00",
"VersionId": "v1"
},
"AWSCloudHSMReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudHSMReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:52+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudhsm:Get*",
"cloudhsm:List*",
"cloudhsm:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAISVCBSY7YDBOT67KE",
"PolicyName": "AWSCloudHSMReadOnlyAccess",
"UpdateDate": "2015-02-06T18:39:52+00:00",
"VersionId": "v1"
},
"AWSCloudHSMRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSCloudHSMRole",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:23+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:CreateTags",
"ec2:DeleteNetworkInterface",
"ec2:DescribeNetworkInterfaceAttribute",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DetachNetworkInterface"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI7QIUU4GC66SF26WE",
"PolicyName": "AWSCloudHSMRole",
"UpdateDate": "2015-02-06T18:41:23+00:00",
"VersionId": "v1"
},
"AWSCloudTrailFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudTrailFullAccess",
"AttachmentCount": 1,
"CreateDate": "2017-12-11T19:51:27+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"sns:AddPermission",
"sns:CreateTopic",
"sns:DeleteTopic",
"sns:ListTopics",
"sns:SetTopicAttributes",
"sns:GetTopicAttributes"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:CreateBucket",
"s3:DeleteBucket",
"s3:ListAllMyBuckets",
"s3:PutBucketPolicy",
"s3:ListBucket",
"s3:GetObject",
"s3:GetBucketLocation",
"s3:GetBucketPolicy"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "cloudtrail:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole",
"iam:ListRoles",
"iam:GetRolePolicy",
"iam:GetUser"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"kms:ListKeys",
"kms:ListAliases"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:ListFunctions"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQNUJTQYDRJPC3BNK",
"PolicyName": "AWSCloudTrailFullAccess",
"UpdateDate": "2017-12-11T19:51:27+00:00",
"VersionId": "v5"
},
"AWSCloudTrailReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudTrailReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2017-12-11T19:51:37+00:00",
"DefaultVersionId": "v7",
"Document": {
"Statement": [
{
"Action": [
"s3:GetObject",
"s3:GetBucketLocation"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudtrail:GetTrailStatus",
"cloudtrail:DescribeTrails",
"cloudtrail:LookupEvents",
"cloudtrail:ListTags",
"cloudtrail:ListPublicKeys",
"cloudtrail:GetEventSelectors",
"s3:ListAllMyBuckets",
"kms:ListAliases",
"lambda:ListFunctions"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJDU7KJADWBSEQ3E7S",
"PolicyName": "AWSCloudTrailReadOnlyAccess",
"UpdateDate": "2017-12-11T19:51:37+00:00",
"VersionId": "v7"
},
"AWSCodeBuildAdminAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeBuildAdminAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-15T21:21:56+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"codebuild:*",
"codecommit:GetBranch",
"codecommit:GetCommit",
"codecommit:GetRepository",
"codecommit:ListBranches",
"codecommit:ListRepositories",
"cloudwatch:GetMetricStatistics",
"ec2:DescribeVpcs",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ecr:DescribeRepositories",
"ecr:ListImages",
"events:DeleteRule",
"events:DescribeRule",
"events:DisableRule",
"events:EnableRule",
"events:ListTargetsByRule",
"events:ListRuleNamesByTarget",
"events:PutRule",
"events:PutTargets",
"events:RemoveTargets",
"logs:GetLogEvents",
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:DeleteLogGroup"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:log-group:/aws/codebuild/*:log-stream:*"
},
{
"Action": [
"ssm:PutParameter"
],
"Effect": "Allow",
"Resource": "arn:aws:ssm:*:*:parameter/CodeBuild/*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQJGIOIE3CD2TQXDS",
"PolicyName": "AWSCodeBuildAdminAccess",
"UpdateDate": "2018-11-15T21:21:56+00:00",
"VersionId": "v6"
},
"AWSCodeBuildDeveloperAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeBuildDeveloperAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-15T21:32:53+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"codebuild:StartBuild",
"codebuild:StopBuild",
"codebuild:BatchGet*",
"codebuild:Get*",
"codebuild:List*",
"codecommit:GetBranch",
"codecommit:GetCommit",
"codecommit:GetRepository",
"codecommit:ListBranches",
"cloudwatch:GetMetricStatistics",
"events:DescribeRule",
"events:ListTargetsByRule",
"events:ListRuleNamesByTarget",
"logs:GetLogEvents",
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ssm:PutParameter"
],
"Effect": "Allow",
"Resource": "arn:aws:ssm:*:*:parameter/CodeBuild/*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIMKTMR34XSBQW45HS",
"PolicyName": "AWSCodeBuildDeveloperAccess",
"UpdateDate": "2018-11-15T21:32:53+00:00",
"VersionId": "v4"
},
"AWSCodeBuildReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeBuildReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-15T21:38:34+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"codebuild:BatchGet*",
"codebuild:Get*",
"codebuild:List*",
"codecommit:GetBranch",
"codecommit:GetCommit",
"codecommit:GetRepository",
"cloudwatch:GetMetricStatistics",
"events:DescribeRule",
"events:ListTargetsByRule",
"events:ListRuleNamesByTarget",
"logs:GetLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJIZZWN6557F5HVP2K",
"PolicyName": "AWSCodeBuildReadOnlyAccess",
"UpdateDate": "2018-11-15T21:38:34+00:00",
"VersionId": "v3"
},
"AWSCodeCommitFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeCommitFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-20T20:04:31+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"codecommit:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"events:DeleteRule",
"events:DescribeRule",
"events:DisableRule",
"events:EnableRule",
"events:PutRule",
"events:PutTargets",
"events:RemoveTargets",
"events:ListTargetsByRule"
],
"Effect": "Allow",
"Resource": "arn:aws:events:*:*:rule/codecommit*",
"Sid": "CloudWatchEventsCodeCommitRulesAccess"
},
{
"Action": [
"sns:CreateTopic",
"sns:DeleteTopic",
"sns:Subscribe",
"sns:Unsubscribe",
"sns:SetTopicAttributes"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:codecommit*",
"Sid": "SNSTopicAndSubscriptionAccess"
},
{
"Action": [
"sns:ListTopics",
"sns:ListSubscriptionsByTopic",
"sns:GetTopicAttributes"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "SNSTopicAndSubscriptionReadAccess"
},
{
"Action": [
"lambda:ListFunctions"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "LambdaReadOnlyListAccess"
},
{
"Action": [
"iam:ListUsers"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "IAMReadOnlyListAccess"
},
{
"Action": [
"iam:ListAccessKeys",
"iam:ListSSHPublicKeys",
"iam:ListServiceSpecificCredentials",
"iam:ListAccessKeys",
"iam:GetSSHPublicKey"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMReadOnlyConsoleAccess"
},
{
"Action": [
"iam:DeleteSSHPublicKey",
"iam:GetSSHPublicKey",
"iam:ListSSHPublicKeys",
"iam:UpdateSSHPublicKey",
"iam:UploadSSHPublicKey"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMUserSSHKeys"
},
{
"Action": [
"iam:CreateServiceSpecificCredential",
"iam:UpdateServiceSpecificCredential",
"iam:DeleteServiceSpecificCredential",
"iam:ResetServiceSpecificCredential"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMSelfManageServiceSpecificCredentials"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4VCZ3XPIZLQ5NZV2",
"PolicyName": "AWSCodeCommitFullAccess",
"UpdateDate": "2017-11-20T20:04:31+00:00",
"VersionId": "v2"
},
"AWSCodeCommitPowerUser": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeCommitPowerUser",
"AttachmentCount": 0,
"CreateDate": "2017-11-20T20:02:27+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"codecommit:BatchGet*",
"codecommit:Get*",
"codecommit:List*",
"codecommit:Create*",
"codecommit:DeleteBranch",
"codecommit:Describe*",
"codecommit:Put*",
"codecommit:Post*",
"codecommit:Merge*",
"codecommit:Test*",
"codecommit:Update*",
"codecommit:GitPull",
"codecommit:GitPush"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"events:DeleteRule",
"events:DescribeRule",
"events:DisableRule",
"events:EnableRule",
"events:PutRule",
"events:PutTargets",
"events:RemoveTargets",
"events:ListTargetsByRule"
],
"Effect": "Allow",
"Resource": "arn:aws:events:*:*:rule/codecommit*",
"Sid": "CloudWatchEventsCodeCommitRulesAccess"
},
{
"Action": [
"sns:Subscribe",
"sns:Unsubscribe"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:codecommit*",
"Sid": "SNSTopicAndSubscriptionAccess"
},
{
"Action": [
"sns:ListTopics",
"sns:ListSubscriptionsByTopic",
"sns:GetTopicAttributes"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "SNSTopicAndSubscriptionReadAccess"
},
{
"Action": [
"lambda:ListFunctions"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "LambdaReadOnlyListAccess"
},
{
"Action": [
"iam:ListUsers"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "IAMReadOnlyListAccess"
},
{
"Action": [
"iam:ListAccessKeys",
"iam:ListSSHPublicKeys",
"iam:ListServiceSpecificCredentials",
"iam:ListAccessKeys",
"iam:GetSSHPublicKey"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMReadOnlyConsoleAccess"
},
{
"Action": [
"iam:DeleteSSHPublicKey",
"iam:GetSSHPublicKey",
"iam:ListSSHPublicKeys",
"iam:UpdateSSHPublicKey",
"iam:UploadSSHPublicKey"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMUserSSHKeys"
},
{
"Action": [
"iam:CreateServiceSpecificCredential",
"iam:UpdateServiceSpecificCredential",
"iam:DeleteServiceSpecificCredential",
"iam:ResetServiceSpecificCredential"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMSelfManageServiceSpecificCredentials"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4UIINUVGB5SEC57G",
"PolicyName": "AWSCodeCommitPowerUser",
"UpdateDate": "2017-11-20T20:02:27+00:00",
"VersionId": "v4"
},
"AWSCodeCommitReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeCommitReadOnly",
"AttachmentCount": 0,
"CreateDate": "2017-11-20T20:01:56+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"codecommit:BatchGet*",
"codecommit:Get*",
"codecommit:Describe*",
"codecommit:List*",
"codecommit:GitPull"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"events:DescribeRule",
"events:ListTargetsByRule"
],
"Effect": "Allow",
"Resource": "arn:aws:events:*:*:rule/codecommit*",
"Sid": "CloudWatchEventsCodeCommitRulesReadOnlyAccess"
},
{
"Action": [
"sns:ListTopics",
"sns:ListSubscriptionsByTopic",
"sns:GetTopicAttributes"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "SNSSubscriptionAccess"
},
{
"Action": [
"lambda:ListFunctions"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "LambdaReadOnlyListAccess"
},
{
"Action": [
"iam:ListUsers"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "IAMReadOnlyListAccess"
},
{
"Action": [
"iam:ListAccessKeys",
"iam:ListSSHPublicKeys",
"iam:ListServiceSpecificCredentials",
"iam:ListAccessKeys",
"iam:GetSSHPublicKey"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMReadOnlyConsoleAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJACNSXR7Z2VLJW3D6",
"PolicyName": "AWSCodeCommitReadOnly",
"UpdateDate": "2017-11-20T20:01:56+00:00",
"VersionId": "v2"
},
"AWSCodeDeployDeployerAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeDeployDeployerAccess",
"AttachmentCount": 0,
"CreateDate": "2015-05-19T18:18:43+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"codedeploy:Batch*",
"codedeploy:CreateDeployment",
"codedeploy:Get*",
"codedeploy:List*",
"codedeploy:RegisterApplicationRevision"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJUWEPOMGLMVXJAPUI",
"PolicyName": "AWSCodeDeployDeployerAccess",
"UpdateDate": "2015-05-19T18:18:43+00:00",
"VersionId": "v1"
},
"AWSCodeDeployFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeDeployFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-05-19T18:13:23+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "codedeploy:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIONKN3TJZUKXCHXWC",
"PolicyName": "AWSCodeDeployFullAccess",
"UpdateDate": "2015-05-19T18:13:23+00:00",
"VersionId": "v1"
},
"AWSCodeDeployReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeDeployReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-05-19T18:21:32+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"codedeploy:Batch*",
"codedeploy:Get*",
"codedeploy:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILZHHKCKB4NE7XOIQ",
"PolicyName": "AWSCodeDeployReadOnlyAccess",
"UpdateDate": "2015-05-19T18:21:32+00:00",
"VersionId": "v1"
},
"AWSCodeDeployRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole",
"AttachmentCount": 1,
"CreateDate": "2017-09-11T19:09:51+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"autoscaling:CompleteLifecycleAction",
"autoscaling:DeleteLifecycleHook",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeLifecycleHooks",
"autoscaling:PutLifecycleHook",
"autoscaling:RecordLifecycleActionHeartbeat",
"autoscaling:CreateAutoScalingGroup",
"autoscaling:UpdateAutoScalingGroup",
"autoscaling:EnableMetricsCollection",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribePolicies",
"autoscaling:DescribeScheduledActions",
"autoscaling:DescribeNotificationConfigurations",
"autoscaling:DescribeLifecycleHooks",
"autoscaling:SuspendProcesses",
"autoscaling:ResumeProcesses",
"autoscaling:AttachLoadBalancers",
"autoscaling:PutScalingPolicy",
"autoscaling:PutScheduledUpdateGroupAction",
"autoscaling:PutNotificationConfiguration",
"autoscaling:PutLifecycleHook",
"autoscaling:DescribeScalingActivities",
"autoscaling:DeleteAutoScalingGroup",
"ec2:DescribeInstances",
"ec2:DescribeInstanceStatus",
"ec2:TerminateInstances",
"tag:GetTags",
"tag:GetResources",
"sns:Publish",
"cloudwatch:DescribeAlarms",
"cloudwatch:PutMetricAlarm",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeInstanceHealth",
"elasticloadbalancing:RegisterInstancesWithLoadBalancer",
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:RegisterTargets",
"elasticloadbalancing:DeregisterTargets"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ2NKMKD73QS5NBFLA",
"PolicyName": "AWSCodeDeployRole",
"UpdateDate": "2017-09-11T19:09:51+00:00",
"VersionId": "v6"
},
"AWSCodeDeployRoleForLambda": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambda",
"AttachmentCount": 0,
"CreateDate": "2017-12-01T22:32:58+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:DescribeAlarms",
"lambda:UpdateAlias",
"lambda:GetAlias",
"sns:Publish"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:GetObject",
"s3:GetObjectVersion"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*/CodeDeploy/*"
},
{
"Action": [
"s3:GetObject",
"s3:GetObjectVersion"
],
"Condition": {
"StringEquals": {
"s3:ExistingObjectTag/UseWithCodeDeploy": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:InvokeFunction"
],
"Effect": "Allow",
"Resource": "arn:aws:lambda:*:*:function:CodeDeployHook_*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJA3RQZIKNOSJ4ZQSA",
"PolicyName": "AWSCodeDeployRoleForLambda",
"UpdateDate": "2017-12-01T22:32:58+00:00",
"VersionId": "v2"
},
"AWSCodePipelineApproverAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodePipelineApproverAccess",
"AttachmentCount": 0,
"CreateDate": "2017-08-02T17:24:58+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"codepipeline:GetPipeline",
"codepipeline:GetPipelineState",
"codepipeline:GetPipelineExecution",
"codepipeline:ListPipelineExecutions",
"codepipeline:ListPipelines",
"codepipeline:PutApprovalResult"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAICXNWK42SQ6LMDXM2",
"PolicyName": "AWSCodePipelineApproverAccess",
"UpdateDate": "2017-08-02T17:24:58+00:00",
"VersionId": "v3"
},
"AWSCodePipelineCustomActionAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodePipelineCustomActionAccess",
"AttachmentCount": 0,
"CreateDate": "2015-07-09T17:02:54+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"codepipeline:AcknowledgeJob",
"codepipeline:GetJobDetails",
"codepipeline:PollForJobs",
"codepipeline:PutJobFailureResult",
"codepipeline:PutJobSuccessResult"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFW5Z32BTVF76VCYC",
"PolicyName": "AWSCodePipelineCustomActionAccess",
"UpdateDate": "2015-07-09T17:02:54+00:00",
"VersionId": "v1"
},
"AWSCodePipelineFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodePipelineFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-11-01T19:59:46+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"codepipeline:*",
"iam:ListRoles",
"iam:PassRole",
"s3:CreateBucket",
"s3:GetBucketPolicy",
"s3:GetObject",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:PutBucketPolicy",
"codecommit:ListBranches",
"codecommit:ListRepositories",
"codedeploy:GetApplication",
"codedeploy:GetDeploymentGroup",
"codedeploy:ListApplications",
"codedeploy:ListDeploymentGroups",
"elasticbeanstalk:DescribeApplications",
"elasticbeanstalk:DescribeEnvironments",
"lambda:GetFunctionConfiguration",
"lambda:ListFunctions",
"opsworks:DescribeApps",
"opsworks:DescribeLayers",
"opsworks:DescribeStacks",
"cloudformation:DescribeStacks",
"cloudformation:ListChangeSets"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJP5LH77KSAT2KHQGG",
"PolicyName": "AWSCodePipelineFullAccess",
"UpdateDate": "2016-11-01T19:59:46+00:00",
"VersionId": "v5"
},
"AWSCodePipelineReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodePipelineReadOnlyAccess",
"AttachmentCount": 1,
"CreateDate": "2017-08-02T17:25:18+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"codepipeline:GetPipeline",
"codepipeline:GetPipelineState",
"codepipeline:GetPipelineExecution",
"codepipeline:ListPipelineExecutions",
"codepipeline:ListActionTypes",
"codepipeline:ListPipelines",
"iam:ListRoles",
"s3:GetBucketPolicy",
"s3:GetObject",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"codecommit:ListBranches",
"codecommit:ListRepositories",
"codedeploy:GetApplication",
"codedeploy:GetDeploymentGroup",
"codedeploy:ListApplications",
"codedeploy:ListDeploymentGroups",
"elasticbeanstalk:DescribeApplications",
"elasticbeanstalk:DescribeEnvironments",
"lambda:GetFunctionConfiguration",
"lambda:ListFunctions",
"opsworks:DescribeApps",
"opsworks:DescribeLayers",
"opsworks:DescribeStacks"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILFKZXIBOTNC5TO2Q",
"PolicyName": "AWSCodePipelineReadOnlyAccess",
"UpdateDate": "2017-08-02T17:25:18+00:00",
"VersionId": "v6"
},
"AWSCodeStarFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeStarFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-01-10T21:54:06+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"codestar:*",
"ec2:DescribeKeyPairs",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"cloud9:DescribeEnvironment*",
"cloud9:ValidateEnvironmentName"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "CodeStarEC2"
},
{
"Action": [
"cloudformation:DescribeStack*",
"cloudformation:GetTemplateSummary"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/awscodestar-*"
],
"Sid": "CodeStarCF"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIXI233TFUGLZOJBEC",
"PolicyName": "AWSCodeStarFullAccess",
"UpdateDate": "2018-01-10T21:54:06+00:00",
"VersionId": "v2"
},
"AWSCodeStarServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSCodeStarServiceRole",
"AttachmentCount": 0,
"CreateDate": "2018-10-04T19:28:06+00:00",
"DefaultVersionId": "v8",
"Document": {
"Statement": [
{
"Action": [
"events:PutTargets",
"events:RemoveTargets",
"events:PutRule",
"events:DeleteRule",
"events:DescribeRule"
],
"Effect": "Allow",
"Resource": [
"arn:aws:events:*:*:rule/awscodestar-*"
],
"Sid": "ProjectEventRules"
},
{
"Action": [
"cloudformation:*Stack*",
"cloudformation:CreateChangeSet",
"cloudformation:ExecuteChangeSet",
"cloudformation:DeleteChangeSet",
"cloudformation:GetTemplate"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/awscodestar-*",
"arn:aws:cloudformation:*:*:stack/awseb-*",
"arn:aws:cloudformation:*:*:stack/aws-cloud9-*",
"arn:aws:cloudformation:*:aws:transform/CodeStar*"
],
"Sid": "ProjectStack"
},
{
"Action": [
"cloudformation:GetTemplateSummary",
"cloudformation:DescribeChangeSet"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "ProjectStackTemplate"
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::awscodestar-*/*"
],
"Sid": "ProjectQuickstarts"
},
{
"Action": [
"s3:*"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-codestar-*",
"arn:aws:s3:::aws-codestar-*/*",
"arn:aws:s3:::elasticbeanstalk-*",
"arn:aws:s3:::elasticbeanstalk-*/*"
],
"Sid": "ProjectS3Buckets"
},
{
"Action": [
"codestar:*",
"codecommit:*",
"codepipeline:*",
"codedeploy:*",
"codebuild:*",
"ec2:RunInstances",
"autoscaling:*",
"cloudwatch:Put*",
"ec2:*",
"elasticbeanstalk:*",
"elasticloadbalancing:*",
"iam:ListRoles",
"logs:*",
"sns:*",
"cloud9:CreateEnvironmentEC2",
"cloud9:DeleteEnvironment",
"cloud9:DescribeEnvironment*",
"cloud9:ListEnvironments"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "ProjectServices"
},
{
"Action": [
"iam:AttachRolePolicy",
"iam:CreateRole",
"iam:DeleteRole",
"iam:DeleteRolePolicy",
"iam:DetachRolePolicy",
"iam:GetRole",
"iam:PassRole",
"iam:PutRolePolicy",
"iam:SetDefaultPolicyVersion",
"iam:CreatePolicy",
"iam:DeletePolicy",
"iam:AddRoleToInstanceProfile",
"iam:CreateInstanceProfile",
"iam:DeleteInstanceProfile",
"iam:RemoveRoleFromInstanceProfile"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/CodeStarWorker*",
"arn:aws:iam::*:policy/CodeStarWorker*",
"arn:aws:iam::*:instance-profile/awscodestar-*"
],
"Sid": "ProjectWorkerRoles"
},
{
"Action": [
"iam:AttachUserPolicy",
"iam:DetachUserPolicy"
],
"Condition": {
"ArnEquals": {
"iam:PolicyArn": [
"arn:aws:iam::*:policy/CodeStar_*"
]
}
},
"Effect": "Allow",
"Resource": "*",
"Sid": "ProjectTeamMembers"
},
{
"Action": [
"iam:CreatePolicy",