AWS Backup Search (backup-search)

2024-12-19

12 new actions, 2 new resources, 3 new conditions

Additions

    Actions
  • GetSearchJob
    • Description:  Grants permission to get details of a search job
    • Access:  Read
    • Resources: 

      Name: searchJob

      Required: Yes

  • GetSearchResultExportJob
    • Description:  Grants permission to get details of a search result export job
    • Access:  Read
    • Resources: 

      Name: searchExportJob

      Required: Yes

  • ListSearchJobBackups
    • Description:  Grants permission to list backups in scope of a search job
    • Access:  Read
    • Resources: 

      Name: searchJob

      Required: Yes

  • ListSearchJobResults
    • Description:  Grants permission to list results of a search job
    • Access:  Read
    • Resources: 

      Name: searchJob

      Required: Yes

  • ListSearchJobs
    • Description:  Grants permission to list search jobs
    • Access:  List
  • ListSearchResultExportJobs
    • Description:  Grants permission to list search result export jobs
    • Access:  List
  • ListTagsForResource
    • Description:  Grants permission to list tags for a resource
    • Access:  Read
    • Resources: 

      Name: searchExportJob

      Required: No

      Name: searchJob

      Required: No

  • StartSearchJob
    • Description:  Grants permission to create a search job
    • Access:  Write
    • Conditions: 

      aws:RequestTag/${TagKey}

      aws:TagKeys
  • StartSearchResultExportJob
    • Description:  Grants permission to start an export job for an existing search job
    • Access:  Write
    • Resources: 

      Name: searchJob

      Required: Yes

    • Conditions: 

      aws:RequestTag/${TagKey}

      aws:TagKeys
    • Dependents: 

      iam:PassRole
  • StopSearchJob
    • Description:  Grants permission to stop an in-progress search job
    • Access:  Write
    • Resources: 

      Name: searchJob

      Required: Yes

  • TagResource
    • Description:  Grants permission to tag a resource
    • Access:  Tagging
    • Resources: 

      Name: searchExportJob

      Required: No

      Name: searchJob

      Required: No

    • Conditions: 

      aws:RequestTag/${TagKey}

      aws:TagKeys
  • UntagResource
    • Description:  Grants permission to untag a resource
    • Access:  Tagging
    • Resources: 

      Name: searchExportJob

      Required: No

      Name: searchJob

      Required: No

    • Conditions: 

      aws:TagKeys
    Resources
  • searchJob
    • Arn:  arn:${Partition}:backup-search:${Region}:${Account}:search-job/${ResourceId}
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • searchExportJob
    • Arn:  arn:${Partition}:backup-search:${Region}:${Account}:search-export-job/${ResourceId}
    • Conditions: 

      aws:ResourceTag/${TagKey}
    Conditions
  • aws:RequestTag/${TagKey}
    • Description:  Filters access by the allowed set of values for each of the tags
    • Type:  String
  • aws:ResourceTag/${TagKey}
    • Description:  Filters access by the tags associated with the resource
    • Type:  String
  • aws:TagKeys
    • Description:  Filters access by the presence of mandatory tags in the request
    • Type:  ArrayOfString