AWS Identity Synchronization Service (identity-sync)

2022-03-25

12 new actions, 2 new resources

Additions

    Actions
  • CreateSyncFilter
    • Description:  Grants permission to create a sync filter on the sync profile
    • Access:  Write
    • Resources: 

      Name: SyncProfileResource

      Required: Yes

  • CreateSyncProfile
    • Description:  Grants permission to create a sync profile for the source
    • Access:  Write
    • Dependents: 

      ds:AuthorizeApplication

  • CreateSyncTarget
    • Description:  Grants permission to create a sync target for the source
    • Access:  Write
    • Resources: 

      Name: SyncProfileResource

      Required: Yes

  • DeleteSyncFilter
    • Description:  Grants permission to delete a sync filter on the sync profile
    • Access:  Write
    • Resources: 

      Name: SyncProfileResource

      Required: Yes

  • DeleteSyncProfile
    • Description:  Grants permission to delete a sync profile on the source
    • Access:  Write
    • Resources: 

      Name: SyncProfileResource

      Required: Yes

    • Dependents: 

      ds:UnauthorizeApplication

  • DeleteSyncTarget
    • Description:  Grants permission to delete a sync target on the source
    • Access:  Write
    • Resources: 

      Name: SyncProfileResource

      Required: Yes

      Name: SyncTargetResource

      Required: Yes

  • GetSyncProfile
    • Description:  Grants permission to retrieve a sync profile using sync profile name
    • Access:  Read
    • Resources: 

      Name: SyncProfileResource

      Required: Yes

  • GetSyncTarget
    • Description:  Grants permission to retrieve a sync target on the sync profile
    • Access:  Read
    • Resources: 

      Name: SyncProfileResource

      Required: Yes

      Name: SyncTargetResource

      Required: Yes

  • ListSyncFilters
    • Description:  Grants permission to list the sync filters on the sync profile
    • Access:  List
    • Resources: 

      Name: SyncProfileResource

      Required: Yes

  • StartSync
    • Description:  Grants permission to start a synchronization process or to restart a synchronization that was previously stopped
    • Access:  Write
    • Resources: 

      Name: SyncProfileResource

      Required: Yes

  • StopSync
    • Description:  Grants permission to stop any planned synchronizations in the synchronization schedule from starting
    • Access:  Write
    • Resources: 

      Name: SyncProfileResource

      Required: Yes

  • UpdateSyncTarget
    • Description:  Grants permission to update a sync target on the sync profile
    • Access:  Write
    • Resources: 

      Name: SyncProfileResource

      Required: Yes

      Name: SyncTargetResource

      Required: Yes

    Resources
  • SyncProfileResource
    • Arn:  ^arn:${Partition}:identity-sync:${Region}:${Account}:profile/${SyncProfileName}
  • SyncTargetResource
    • Arn:  ^arn:${Partition}:identity-sync:${Region}:${Account}:target/${SyncProfileName}/${SyncTargetName}