AWS Diagnostic tools (ts)

2023-12-02

9 new actions, 2 new resources, 3 new conditions

Additions

    Actions
  • GetExecution
    • Description:  Grants permission to get details about specific execution within AWS Diagnostic tools
    • Access:  Read
    • Resources: 

      Name: execution

      Required: Yes

  • GetExecutionOutput
    • Description:  Grants permission to get details about specific execution output within AWS Diagnostic tools
    • Access:  Read
    • Resources: 

      Name: execution

      Required: Yes

  • GetTool
    • Description:  Grants permission to get details about specific tool within AWS Diagnostic tools
    • Access:  Read
    • Resources: 

      Name: tool

      Required: Yes

  • ListExecutions
    • Description:  Grants permission to list all available execution within AWS Diagnostic tools
    • Access:  List
  • ListTagsForResource
    • Description:  Grants permission to list the tags for an AWS Diagnostic tools resource
    • Access:  Read
    • Resources: 

      Name: execution

      Required: Yes

    • Conditions: 

      aws:RequestTag/${TagKey}

      aws:TagKeys
  • ListTools
    • Description:  Grants permission to list all available tools within AWS Diagnostic tools
    • Access:  List
  • StartExecution
    • Description:  Grants permission to start an execution workflow of specific tool within AWS Diagnostic tools
    • Access:  Write
    • Conditions: 

      aws:RequestTag/${TagKey}

      aws:TagKeys
    • Dependents: 

      iam:PassRole
  • TagResource
    • Description:  Grants permission to tag an AWS Diagnostic tools resource
    • Access:  Tagging
    • Resources: 

      Name: execution

      Required: Yes

    • Conditions: 

      aws:RequestTag/${TagKey}

      aws:TagKeys
  • UntagResource
    • Description:  Grants permission to untag an AWS Diagnostic tools resource
    • Access:  Tagging
    • Resources: 

      Name: execution

      Required: Yes

    • Conditions: 

      aws:TagKeys
    Resources
  • execution
    • Arn:  arn:${Partition}:ts::${Account}:execution/${UserId}/${ToolId}/${ExecutionId}
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • tool
    • Arn:  arn:${Partition}:ts::tool/${ToolId}
    Conditions
  • aws:RequestTag/${TagKey}
    • Description:  Filters access by the allowed set of values for each of the tags
    • Type:  String
  • aws:ResourceTag/${TagKey}
    • Description:  Filters access by tag-value associated with the resource
    • Type:  String
  • aws:TagKeys
    • Description:  Filters access by the presence of mandatory tags in the request
    • Type:  ArrayOfString