{
  "url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentitystore.html",
  "name": "AWS Identity Store",
  "prefix": "identitystore",
  "timestamp": "1781568006",
  "actions": [
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample",
      "name": "AddRegion",
      "description": "Grants permission to add a region to an IdentityStore",
      "access": "Write",
      "resources": [],
      "conditions": [],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_CreateGroup.html",
      "name": "CreateGroup",
      "description": "Grants permission to create a group in the specified IdentityStore",
      "access": "Write",
      "resources": [
        {
          "name": "Identitystore",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion",
        "identitystore:GroupExternalIdIssuers"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_CreateGroupMembership.html",
      "name": "CreateGroupMembership",
      "description": "Grants permission to add a member to a group in the specified IdentityStore",
      "access": "Write",
      "resources": [
        {
          "name": "Group",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        },
        {
          "name": "User",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample",
      "name": "CreateIdentityStore",
      "description": "Grants permission to create a new IdentityStore in an AWS account",
      "access": "Write",
      "resources": [],
      "conditions": [],
      "dependents": [
        "kms:Decrypt",
        "kms:DescribeKey",
        "kms:Encrypt",
        "kms:GenerateDataKeyWithoutPlaintext"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_CreateUser.html",
      "name": "CreateUser",
      "description": "Grants permission to create a user in the specified IdentityStore",
      "access": "Write",
      "resources": [
        {
          "name": "Identitystore",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion",
        "identitystore:UserExternalIdIssuers",
        "identitystore:ReservedUserId"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DeleteGroup.html",
      "name": "DeleteGroup",
      "description": "Grants permission to delete a group in the specified IdentityStore",
      "access": "Write",
      "resources": [
        {
          "name": "Group",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion",
        "identitystore:GroupExternalIdIssuers"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DeleteGroupMembership.html",
      "name": "DeleteGroupMembership",
      "description": "Grants permission to remove a member that is part of a group in the specified IdentityStore",
      "access": "Write",
      "resources": [
        {
          "name": "Group",
          "is_required": true
        },
        {
          "name": "GroupMembership",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        },
        {
          "name": "User",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample",
      "name": "DeleteIdentityStore",
      "description": "Grants permission to delete an IdentityStore",
      "access": "Write",
      "resources": [],
      "conditions": [],
      "dependents": []
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DeleteUser.html",
      "name": "DeleteUser",
      "description": "Grants permission to delete a user in the specified IdentityStore",
      "access": "Write",
      "resources": [
        {
          "name": "Identitystore",
          "is_required": true
        },
        {
          "name": "User",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion",
        "identitystore:UserExternalIdIssuers"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeGroup.html",
      "name": "DescribeGroup",
      "description": "Grants permission to retrieve information about a group in the specified IdentityStore",
      "access": "Read",
      "resources": [
        {
          "name": "Group",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion",
        "identitystore:GroupExternalIdIssuers"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeGroupMembership.html",
      "name": "DescribeGroupMembership",
      "description": "Grants permission to retrieve information about a member that is part of a group in the specified IdentityStore",
      "access": "Read",
      "resources": [
        {
          "name": "Group",
          "is_required": true
        },
        {
          "name": "GroupMembership",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        },
        {
          "name": "User",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample",
      "name": "DescribeRegion",
      "description": "Grants permission to retrieve configuration details for a specific IdentityStore region",
      "access": "Read",
      "resources": [],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeUser.html",
      "name": "DescribeUser",
      "description": "Grants permission to retrieve information about a user in the specified IdentityStore",
      "access": "Read",
      "resources": [
        {
          "name": "Identitystore",
          "is_required": true
        },
        {
          "name": "User",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion",
        "identitystore:UserExternalIdIssuers"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_GetGroupId.html",
      "name": "GetGroupId",
      "description": "Grants permission to retrieve ID information about a group in the specified IdentityStore",
      "access": "Read",
      "resources": [
        {
          "name": "Group",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_GetGroupMembershipId.html",
      "name": "GetGroupMembershipId",
      "description": "Grants permission to retrieve ID information of a member which is part of a group in the specified IdentityStore",
      "access": "Read",
      "resources": [
        {
          "name": "Group",
          "is_required": true
        },
        {
          "name": "GroupMembership",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        },
        {
          "name": "User",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_GetUserId.html",
      "name": "GetUserId",
      "description": "Grants permission to retrieve ID information about a user in the specified IdentityStore",
      "access": "Read",
      "resources": [
        {
          "name": "Identitystore",
          "is_required": true
        },
        {
          "name": "User",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_IsMemberInGroups.html",
      "name": "IsMemberInGroups",
      "description": "Grants permission to check if a member is a part of groups in the specified IdentityStore",
      "access": "Read",
      "resources": [
        {
          "name": "AllGroupMemberships",
          "is_required": true
        },
        {
          "name": "Group",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        },
        {
          "name": "User",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListGroupMemberships.html",
      "name": "ListGroupMemberships",
      "description": "Grants permission to retrieve all members that are part of a group in the specified IdentityStore",
      "access": "List",
      "resources": [
        {
          "name": "AllGroupMemberships",
          "is_required": true
        },
        {
          "name": "Group",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListGroupMembershipsForMember.html",
      "name": "ListGroupMembershipsForMember",
      "description": "Grants permission to list groups of the target member in the specified IdentityStore",
      "access": "List",
      "resources": [
        {
          "name": "AllGroupMemberships",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        },
        {
          "name": "User",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListGroups.html",
      "name": "ListGroups",
      "description": "Grants permission to search for groups within the specified IdentityStore",
      "access": "List",
      "resources": [
        {
          "name": "AllGroups",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion",
        "identitystore:GroupExternalIdIssuers"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample",
      "name": "ListRegions",
      "description": "Grants permission to list all regions configured for an IdentityStore",
      "access": "List",
      "resources": [],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListUsers.html",
      "name": "ListUsers",
      "description": "Grants permission to search for users in the specified IdentityStore",
      "access": "List",
      "resources": [
        {
          "name": "AllUsers",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion",
        "identitystore:UserExternalIdIssuers"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample",
      "name": "RemoveRegion",
      "description": "Grants permission to remove a region from an IdentityStore",
      "access": "Write",
      "resources": [],
      "conditions": [],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample",
      "name": "ReserveUser",
      "description": "Grants permission to reserve a user by getting a userId",
      "access": "Write",
      "resources": [
        {
          "name": "Identitystore",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_UpdateGroup.html",
      "name": "UpdateGroup",
      "description": "Grants permission to update information about a group in the specified IdentityStore",
      "access": "Write",
      "resources": [
        {
          "name": "Group",
          "is_required": true
        },
        {
          "name": "Identitystore",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion",
        "identitystore:GroupExternalIdIssuers"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample",
      "name": "UpdateIdentityStore",
      "description": "Grants permission to update the configuration of an IdentityStore",
      "access": "Write",
      "resources": [],
      "conditions": [],
      "dependents": [
        "kms:Decrypt",
        "kms:DescribeKey",
        "kms:Encrypt",
        "kms:GenerateDataKeyWithoutPlaintext"
      ]
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_UpdateUser.html",
      "name": "UpdateUser",
      "description": "Grants permission to update user information in the specified IdentityStore",
      "access": "Write",
      "resources": [
        {
          "name": "Identitystore",
          "is_required": true
        },
        {
          "name": "User",
          "is_required": true
        }
      ],
      "conditions": [
        "identitystore:PrimaryRegion",
        "identitystore:UserExternalIdIssuers"
      ],
      "dependents": [
        "kms:Decrypt"
      ]
    }
  ],
  "resources": [
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/",
      "name": "Identitystore",
      "arn": "arn:${Partition}:identitystore::${Account}:identitystore/${IdentityStoreId}",
      "conditions": []
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html",
      "name": "User",
      "arn": "arn:${Partition}:identitystore:::user/${UserId}",
      "conditions": []
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html",
      "name": "Group",
      "arn": "arn:${Partition}:identitystore:::group/${GroupId}",
      "conditions": []
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_GroupMembership.html",
      "name": "GroupMembership",
      "arn": "arn:${Partition}:identitystore:::membership/${MembershipId}",
      "conditions": []
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html",
      "name": "AllUsers",
      "arn": "arn:${Partition}:identitystore:::user/*",
      "conditions": []
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html",
      "name": "AllGroups",
      "arn": "arn:${Partition}:identitystore:::group/*",
      "conditions": []
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_GroupMembership.html",
      "name": "AllGroupMemberships",
      "arn": "arn:${Partition}:identitystore:::membership/*",
      "conditions": []
    }
  ],
  "conditions": [
    {
      "url": "list_awsidentitystore.html#awsidentitystore-policy-keys",
      "name": "identitystore:GroupExternalIdIssuers",
      "description": "Filters access by Issuer present in ExternalIds for Group resources",
      "type": "ArrayOfARN"
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/userguide/condition-context-keys-sts-idc.html#condition-keys-identity-store-arn",
      "name": "identitystore:IdentityStoreArn",
      "description": "Filters access by Identity Store ARN",
      "type": "ARN"
    },
    {
      "url": "list_awsidentitystore.html#awsidentitystore-policy-keys",
      "name": "identitystore:PrimaryRegion",
      "description": "Filters access by Primary Region of Identity Store",
      "type": "String"
    },
    {
      "url": "list_awsidentitystore.html#awsidentitystore-policy-keys",
      "name": "identitystore:ReservedUserId",
      "description": "Filters access by a previously reserved User ID for CreateUser operation",
      "type": "String"
    },
    {
      "url": "list_awsidentitystore.html#awsidentitystore-policy-keys",
      "name": "identitystore:UserExternalIdIssuers",
      "description": "Filters access by Issuer present in ExternalIds for User resources",
      "type": "ArrayOfARN"
    },
    {
      "url": "https://docs.aws.amazon.com/singlesignon/latest/userguide/condition-context-keys-sts-idc.html#condition-keys-identity-store-user-id",
      "name": "identitystore:UserId",
      "description": "Filters access by Identity Store User ID",
      "type": "String"
    }
  ]
}