From 5f6c8ad999006c51149c30f80383b69a1991c2b3 Mon Sep 17 00:00:00 2001 From: udondan Date: Wed, 8 Jan 2025 01:37:00 +0000 Subject: [PATCH] Updates AWS managed policies --- .../AWSBackupServiceLinkedRolePolicyForBackup.json | 10 ++++++++++ .../AWSBackupServiceRolePolicyForRestores.json | 4 +++- .../_static/managed-policies/ReadOnlyAccess.json | 9 +++++++++ 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/docs/source/_static/managed-policies/AWSBackupServiceLinkedRolePolicyForBackup.json b/docs/source/_static/managed-policies/AWSBackupServiceLinkedRolePolicyForBackup.json index 8ec677958..3ee4f307b 100644 --- a/docs/source/_static/managed-policies/AWSBackupServiceLinkedRolePolicyForBackup.json +++ b/docs/source/_static/managed-policies/AWSBackupServiceLinkedRolePolicyForBackup.json @@ -135,6 +135,16 @@ ], "Resource": "arn:aws:rds:*:*:cluster-snapshot:awsbackup:*" }, + { + "Sid": "RDSSnapshotTenantDatabasePermissions", + "Effect": "Allow", + "Action": [ + "rds:AddTagsToResource" + ], + "Resource": [ + "arn:aws:rds:*:*:snapshot-tenant-database:awsbackup:*" + ] + }, { "Sid": "KMSDescribePermissions", "Effect": "Allow", diff --git a/docs/source/_static/managed-policies/AWSBackupServiceRolePolicyForRestores.json b/docs/source/_static/managed-policies/AWSBackupServiceRolePolicyForRestores.json index 6724c020d..bdd43bf83 100644 --- a/docs/source/_static/managed-policies/AWSBackupServiceRolePolicyForRestores.json +++ b/docs/source/_static/managed-policies/AWSBackupServiceRolePolicyForRestores.json @@ -99,7 +99,9 @@ "rds:DeleteDBCluster", "rds:RestoreDBInstanceToPointInTime", "rds:DescribeDBClusterSnapshots", - "rds:RestoreDBClusterToPointInTime" + "rds:RestoreDBClusterToPointInTime", + "rds:CreateTenantDatabase", + "rds:DeleteTenantDatabase" ], "Resource": "*" }, diff --git a/docs/source/_static/managed-policies/ReadOnlyAccess.json b/docs/source/_static/managed-policies/ReadOnlyAccess.json index 4ad6cde98..c03924edf 100644 --- a/docs/source/_static/managed-policies/ReadOnlyAccess.json +++ b/docs/source/_static/managed-policies/ReadOnlyAccess.json @@ -13,6 +13,7 @@ "access-analyzer:GetAnalyzer", "access-analyzer:GetArchiveRule", "access-analyzer:GetFinding", + "access-analyzer:GetFindingsStatistics", "access-analyzer:GetGeneratedPolicy", "access-analyzer:ListAccessPreviewFindings", "access-analyzer:ListAccessPreviews", @@ -50,6 +51,7 @@ "amplify:GetDomainAssociation", "amplify:GetJob", "amplify:ListApps", + "amplify:ListBackendEnvironments", "amplify:ListBranches", "amplify:ListDomainAssociations", "amplify:ListJobs", @@ -2252,14 +2254,21 @@ "sts:GetCallerIdentity", "sts:GetSessionToken", "support:DescribeAttachment", + "support:DescribeCaseAttributes", "support:DescribeCases", + "support:DescribeCommunication", "support:DescribeCommunications", + "support:DescribeCreateCaseOptions", + "support:DescribeIssueTypes", "support:DescribeServices", "support:DescribeSeverityLevels", + "support:DescribeSupportedLanguages", + "support:DescribeSupportLevel", "support:DescribeTrustedAdvisorCheckRefreshStatuses", "support:DescribeTrustedAdvisorCheckResult", "support:DescribeTrustedAdvisorChecks", "support:DescribeTrustedAdvisorCheckSummaries", + "support:SearchForCases", "supportplans:GetSupportPlan", "supportplans:GetSupportPlanUpdateStatus", "supportplans:ListSupportPlanModifiers",