AWS HealthOmics (omics)

Additions

Actions

• BatchDeleteReadSet
  
  • Description:  Grants permission to batch delete Read Sets in the given Sequence Store
  • Access:  Write
  • Resources: 

    Name: sequenceStore

    Required: Yes

• CancelAnnotationImportJob
  
  • Description:  Grants permission to cancel an Annotation Import Job
  • Access:  Write
  • Resources: 

    Name: AnnotationImportJob

    Required: Yes

• CancelRun
  
  • Description:  Grants permission to cancel a workflow run and stop all workflow tasks
  • Access:  Write
  • Resources: 

    Name: run

    Required: Yes

• CancelVariantImportJob
  
  • Description:  Grants permission to cancel a Variant Import Job
  • Access:  Write
  • Resources: 

    Name: VariantImportJob

    Required: Yes

• CreateAnnotationStore
  
  • Description:  Grants permission to create an Annotation Store
  • Access:  Write
• CreateReferenceStore
  
  • Description:  Grants permission to create a Reference Store
  • Access:  Write
  • Conditions: 

    aws:RequestTag/${TagKey}

    aws:TagKeys

• CreateRunGroup
  
  • Description:  Grants permission to create a new workflow run group
  • Access:  Write
  • Conditions: 

    aws:RequestTag/${TagKey}

    aws:TagKeys

• CreateSequenceStore
  
  • Description:  Grants permission to create a Sequence Store
  • Access:  Write
  • Conditions: 

    aws:RequestTag/${TagKey}

    aws:TagKeys

• CreateVariantStore
  
  • Description:  Grants permission to create a Variant Store
  • Access:  Write
• CreateWorkflow
  
  • Description:  Grants permission to create a new workflow with a workflow definition and template of workflow parameters
  • Access:  Write
  • Conditions: 

    aws:RequestTag/${TagKey}

    aws:TagKeys

• DeleteAnnotationStore
  
  • Description:  Grants permission to delete an Annotation Store
  • Access:  Write
  • Resources: 

    Name: AnnotationStore

    Required: Yes

• DeleteReference
  
  • Description:  Grants permission to delete a Reference in the given Reference Store
  • Access:  Write
  • Resources: 

    Name: reference

    Required: Yes

    Name: referenceStore

    Required: Yes

• DeleteReferenceStore
  
  • Description:  Grants permission to delete a Reference Store
  • Access:  Write
  • Resources: 

    Name: referenceStore

    Required: Yes

• DeleteRun
  
  • Description:  Grants permission to delete a workflow run
  • Access:  Write
  • Resources: 

    Name: run

    Required: Yes

• DeleteRunGroup
  
  • Description:  Grants permission to delete a workflow run group
  • Access:  Write
  • Resources: 

    Name: runGroup

    Required: Yes

• DeleteSequenceStore
  
  • Description:  Grants permission to delete a Sequence Store
  • Access:  Write
  • Resources: 

    Name: sequenceStore

    Required: Yes

• DeleteVariantStore
  
  • Description:  Grants permission to delete a Variant Store
  • Access:  Write
  • Resources: 

    Name: VariantStore

    Required: Yes

• DeleteWorkflow
  
  • Description:  Grants permission to delete a workflow
  • Access:  Write
  • Resources: 

    Name: workflow

    Required: Yes

• GetAnnotationImportJob
  
  • Description:  Grants permission to get the status of an Annotation Import Job
  • Access:  Read
  • Resources: 

    Name: AnnotationImportJob

    Required: Yes

• GetAnnotationStore
  
  • Description:  Grants permission to get detailed information about an Annotation Store
  • Access:  Read
  • Resources: 

    Name: AnnotationStore

    Required: Yes

• GetReadSet
  
  • Description:  Grants permission to get a Read Set in the given Sequence Store
  • Access:  Read
  • Resources: 

    Name: readSet

    Required: Yes

    Name: sequenceStore

    Required: Yes

• GetReadSetActivationJob
  
  • Description:  Grants permission to get details about a Read Set activation job for the given Sequence Store
  • Access:  Read
  • Resources: 

    Name: sequenceStore

    Required: Yes

• GetReadSetExportJob
  
  • Description:  Grants permission to get details about a Read Set export job for the given Sequence Store
  • Access:  Read
  • Resources: 

    Name: sequenceStore

    Required: Yes

• GetReadSetImportJob
  
  • Description:  Grants permission to get details about a Read Set import job for the given Sequence Store
  • Access:  Read
  • Resources: 

    Name: sequenceStore

    Required: Yes

• GetReadSetMetadata
  
  • Description:  Grants permission to get details about a Read Set in the given Sequence Store
  • Access:  Read
  • Resources: 

    Name: readSet

    Required: Yes

    Name: sequenceStore

    Required: Yes

• GetReference
  
  • Description:  Grants permission to get a Reference in the given Reference Store
  • Access:  Read
  • Resources: 

    Name: reference

    Required: Yes

    Name: referenceStore

    Required: Yes

• GetReferenceImportJob
  
  • Description:  Grants permission to get details about a Reference import job for the given Reference Store
  • Access:  Read
  • Resources: 

    Name: referenceStore

    Required: Yes

• GetReferenceMetadata
  
  • Description:  Grants permission to get details about a Reference in the given Reference Store
  • Access:  Read
  • Resources: 

    Name: reference

    Required: Yes

    Name: referenceStore

    Required: Yes

• GetReferenceStore
  
  • Description:  Grants permission to get details about a Reference Store
  • Access:  Read
  • Resources: 

    Name: referenceStore

    Required: Yes

• GetRun
  
  • Description:  Grants permission to retrieve workflow run details
  • Access:  Read
  • Resources: 

    Name: run

    Required: Yes

• GetRunGroup
  
  • Description:  Grants permission to retrieve workflow run group details
  • Access:  Read
  • Resources: 

    Name: runGroup

    Required: Yes

• GetRunTask
  
  • Description:  Grants permission to retrieve workflow task details
  • Access:  Read
  • Resources: 

    Name: TaskResource

    Required: Yes

    Name: run

    Required: Yes

• GetSequenceStore
  
  • Description:  Grants permission to get details about a Sequence Store
  • Access:  Read
  • Resources: 

    Name: sequenceStore

    Required: Yes

• GetVariantImportJob
  
  • Description:  Grants permission to get the status of a Variant Import Job
  • Access:  Read
  • Resources: 

    Name: VariantImportJob

    Required: Yes

• GetVariantStore
  
  • Description:  Grants permission to get detailed information about a Variant Store
  • Access:  Read
  • Resources: 

    Name: VariantStore

    Required: Yes

• GetWorkflow
  
  • Description:  Grants permission to retrieve workflow details
  • Access:  Read
  • Resources: 

    Name: workflow

    Required: Yes

• ListAnnotationImportJobs
  
  • Description:  Grants permission to get a list of Annotation Import Jobs
  • Access:  List
• ListAnnotationStores
  
  • Description:  Grants permission to retrieve a list of information about Annotation Stores
  • Access:  List
• ListReadSetActivationJobs
  
  • Description:  Grants permission to list Read Set activation jobs for the given Sequence Store
  • Access:  Read
  • Resources: 

    Name: sequenceStore

    Required: Yes

• ListReadSetExportJobs
  
  • Description:  Grants permission to list Read Set export jobs for the given Sequence Store
  • Access:  Read
  • Resources: 

    Name: sequenceStore

    Required: Yes

• ListReadSetImportJobs
  
  • Description:  Grants permission to list Read Set import jobs for the given Sequence Store
  • Access:  Read
  • Resources: 

    Name: sequenceStore

    Required: Yes

• ListReadSets
  
  • Description:  Grants permission to list Read Sets in the given Sequence Store
  • Access:  List
  • Resources: 

    Name: sequenceStore

    Required: Yes

• ListReferenceImportJobs
  
  • Description:  Grants permission to list Reference import jobs for the given Reference Store
  • Access:  Read
  • Resources: 

    Name: referenceStore

    Required: Yes

• ListReferenceStores
  
  • Description:  Grants permission to list Reference Stores
  • Access:  List
• ListReferences
  
  • Description:  Grants permission to list References in the given Reference Store
  • Access:  List
  • Resources: 

    Name: referenceStore

    Required: Yes

• ListRunGroups
  
  • Description:  Grants permission to retrieve a list of workflow run groups
  • Access:  List
• ListRunTasks
  
  • Description:  Grants permission to retrieve a list of tasks for a workflow run
  • Access:  List
  • Resources: 

    Name: run

    Required: Yes

• ListRuns
  
  • Description:  Grants permission to retrieve a list of workflow runs
  • Access:  List
• ListSequenceStores
  
  • Description:  Grants permission to list Sequence Stores
  • Access:  List
• ListTagsForResource
  
  • Description:  Grants permission to retrieve a list of resource AWS tags
  • Access:  List
• ListVariantImportJobs
  
  • Description:  Grants permission to get a list of Variant Import Jobs
  • Access:  List
• ListVariantStores
  
  • Description:  Grants permission to retrieve a list of metadata for Variant Stores
  • Access:  List
• ListWorkflows
  
  • Description:  Grants permission to retrieve a list of available workflows
  • Access:  List
• StartAnnotationImportJob
  
  • Description:  Grants permission to import a list of Annotation files to an Annotation Store
  • Access:  Write
• StartReadSetActivationJob
  
  • Description:  Grants permission to start a Read Set activation job from the given Sequence Store
  • Access:  Write
  • Resources: 

    Name: sequenceStore

    Required: Yes

• StartReadSetExportJob
  
  • Description:  Grants permission to start a Read Set export job from the given Sequence Store
  • Access:  Write
  • Resources: 

    Name: sequenceStore

    Required: Yes

• StartReadSetImportJob
  
  • Description:  Grants permission to start a Read Set import job into the given Sequence Store
  • Access:  Write
  • Resources: 

    Name: sequenceStore

    Required: Yes

• StartReferenceImportJob
  
  • Description:  Grants permission to start a Reference import job into the given Reference Store
  • Access:  Write
  • Resources: 

    Name: referenceStore

    Required: Yes

• StartRun
  
  • Description:  Grants permission to start a workflow run
  • Access:  Write
  • Conditions: 

    aws:RequestTag/${TagKey}

    aws:TagKeys

• StartVariantImportJob
  
  • Description:  Grants permission to import a list of variant files to an Variant Store
  • Access:  Write
• TagResource
  
  • Description:  Grants permission to add AWS tags to a resource
  • Access:  Tagging
  • Resources: 

    Name: readSet

    Required: No

    Name: reference

    Required: No

    Name: referenceStore

    Required: No

    Name: run

    Required: No

    Name: runGroup

    Required: No

    Name: sequenceStore

    Required: No

    Name: workflow

    Required: No

  • Conditions: 

    aws:RequestTag/${TagKey}

    aws:TagKeys

• UntagResource
  
  • Description:  Grants permission to remove resource AWS tags
  • Access:  Tagging
  • Resources: 

    Name: readSet

    Required: No

    Name: reference

    Required: No

    Name: referenceStore

    Required: No

    Name: run

    Required: No

    Name: runGroup

    Required: No

    Name: sequenceStore

    Required: No

    Name: workflow

    Required: No

  • Conditions: 

    aws:TagKeys

• UpdateAnnotationStore
  
  • Description:  Grants permission to update information about the Annotation Store
  • Access:  Write
  • Resources: 

    Name: AnnotationStore

    Required: Yes

• UpdateRunGroup
  
  • Description:  Grants permission to update a workflow run group
  • Access:  Write
  • Resources: 

    Name: runGroup

    Required: Yes

• UpdateVariantStore
  
  • Description:  Grants permission to update metadata about the Variant Store
  • Access:  Write
  • Resources: 

    Name: VariantStore

    Required: Yes

• UpdateWorkflow
  
  • Description:  Grants permission to update workflow details
  • Access:  Write
  • Resources: 

    Name: workflow

    Required: Yes

Resources

• AnnotationImportJob
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:annotationImportJob/${AnnotationImportJobId}
  • Conditions: 

    omics:AnnotationImportJobJobId

• AnnotationStore
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:annotationStore/${AnnotationStoreId}
  • Conditions: 

    omics:AnnotationStoreName

• readSet
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:sequenceStore/${SequenceStoreId}/readSet/${ReadSetId}
  • Conditions: 

    aws:ResourceTag/${TagKey}

• reference
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:referenceStore/${ReferenceStoreId}/reference/${ReferenceId}
  • Conditions: 

    aws:ResourceTag/${TagKey}

• referenceStore
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:referenceStore/${ReferenceStoreId}
  • Conditions: 

    aws:ResourceTag/${TagKey}

• run
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:run/${Id}
  • Conditions: 

    aws:ResourceTag/${TagKey}

• runGroup
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:runGroup/${Id}
  • Conditions: 

    aws:ResourceTag/${TagKey}

• sequenceStore
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:sequenceStore/${SequenceStoreId}
  • Conditions: 

    aws:ResourceTag/${TagKey}

• TaggingResource
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:tag/${TagKey}
• TaskResource
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:task/${Id}
• VariantImportJob
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:variantImportJob/${VariantImportJobId}
  • Conditions: 

    omics:VariantImportJobJobId

• VariantStore
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:variantStore/${VariantStoreId}
  • Conditions: 

    omics:VariantStoreName

• workflow
  
  • Arn:  arn:${Partition}:omics:${Region}:${Account}:workflow/${Id}
  • Conditions: 

    aws:ResourceTag/${TagKey}

Conditions

• aws:RequestTag/${TagKey}
  
  • Description:  Filters access by the presence of tag key-value pairs in the request
  • Type:  String
• aws:ResourceTag/${TagKey}
  
  • Description:  Filters access by the presence of tag key-value pairs attached to the resource
  • Type:  String
• aws:TagKeys
  
  • Description:  Filters access by the presence of tag keys in the request
  • Type:  ArrayOfString
• omics:AnnotationImportJobJobId
  
  • Description:  Filters access by a unique resource identifier
  • Type:  String
• omics:AnnotationStoreName
  
  • Description:  Filters access by the name of the store
  • Type:  String
• omics:VariantImportJobJobId
  
  • Description:  Filters access by a unique resource identifier
  • Type:  String
• omics:VariantStoreName
  
  • Description:  Filters access by the name of the store
  • Type:  String