Merge pull request #1085 from udondan/update-aws-managed-policies

udondan · Jan 18, 2025 · 96d251b · 96d251b
2 parents 3ba4ca4 + 4dc5094
commit 96d251b
Show file tree

Hide file tree

Showing 6 changed files with 45 additions and 1 deletion.
diff --git a/docs/source/_static/managed-policies/AWSDMSServerlessServiceRolePolicy.json b/docs/source/_static/managed-policies/AWSDMSServerlessServiceRolePolicy.json
@@ -30,7 +30,9 @@
       "Action": [
         "dms:StartReplicationTask",
         "dms:StopReplicationTask",
+        "dms:ModifyReplicationTask",
         "dms:DeleteReplicationTask",
+        "dms:ModifyReplicationInstance",
         "dms:DeleteReplicationInstance"
       ],
       "Resource": [

diff --git a/docs/source/_static/managed-policies/AmazonSageMakerPartnerAppsFullAccess.json b/docs/source/_static/managed-policies/AmazonSageMakerPartnerAppsFullAccess.json
@@ -0,0 +1,26 @@
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Sid": "AmazonSageMakerPartnerListAppsPermission",
+      "Effect": "Allow",
+      "Action": "sagemaker:ListPartnerApps",
+      "Resource": "*"
+    },
+    {
+      "Sid": "AmazonSageMakerPartnerAppsPermission",
+      "Effect": "Allow",
+      "Action": [
+        "sagemaker:CreatePartnerAppPresignedUrl",
+        "sagemaker:DescribePartnerApp",
+        "sagemaker:CallPartnerAppApi"
+      ],
+      "Condition": {
+        "StringEquals": {
+          "aws:ResourceAccount": "${aws:PrincipalAccount}"
+        }
+      },
+      "Resource": "arn:aws:sagemaker:*:*:partner-app/*"
+    }
+  ]
+}
diff --git a/docs/source/_static/managed-policies/Billing.json b/docs/source/_static/managed-policies/Billing.json
@@ -9,18 +9,27 @@
         "aws-portal:*Billing",
         "aws-portal:*PaymentMethods",
         "aws-portal:*Usage",
+        "billing:CreateBillingView",
+        "billing:DeleteBillingView",
         "billing:GetBillingData",
         "billing:GetBillingDetails",
         "billing:GetBillingNotifications",
         "billing:GetBillingPreferences",
+        "billing:GetBillingView",
         "billing:GetContractInformation",
         "billing:GetCredits",
         "billing:GetIAMAccessPreference",
         "billing:GetSellerOfRecord",
         "billing:ListBillingViews",
         "billing:PutContractInformation",
         "billing:RedeemCredits",
+        "billing:GetResourcePolicy",
+        "billing:ListSourceViewsForBillingView",
+        "billing:ListTagsForResource",
+        "billing:TagResource",
+        "billing:UntagResource",
         "billing:UpdateBillingPreferences",
+        "billing:UpdateBillingView",
         "billing:UpdateIAMAccessPreference",
         "budgets:CreateBudgetAction",
         "budgets:DeleteBudgetAction",

diff --git a/docs/source/_static/managed-policies/index.json b/docs/source/_static/managed-policies/index.json
diff --git a/lib/generated/aws-managed-policies/cdk-iam-floyd.ts b/lib/generated/aws-managed-policies/cdk-iam-floyd.ts
@@ -2029,6 +2029,11 @@ export class AwsManagedPolicy extends AwsManagedPolicyStatic {
         return aws_iam.ManagedPolicy.fromAwsManagedPolicyName(AwsManagedPolicyStatic.AmazonSageMakerNotebooksServiceRolePolicy);
     }
 
+    /** Enables Amazon SageMaker partner app users to access applications, list available applications, launch application web UIs, and connect via the application SDK. */
+    public AmazonSageMakerPartnerAppsFullAccess(): aws_iam.IManagedPolicy {
+        return aws_iam.ManagedPolicy.fromAwsManagedPolicyName(AwsManagedPolicyStatic.AmazonSageMakerPartnerAppsFullAccess);
+    }
+
     /** Service role policy used by the AWS APIGateway within the AWS ServiceCatalog provisioned products from Amazon SageMaker portfolio of products. Grants permissions to a set of related services including Lambda and others. */
     public AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy(): aws_iam.IManagedPolicy {
         return aws_iam.ManagedPolicy.fromAwsManagedPolicyName(AwsManagedPolicyStatic.AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy);

diff --git a/lib/generated/aws-managed-policies/iam-floyd.ts b/lib/generated/aws-managed-policies/iam-floyd.ts
@@ -808,6 +808,8 @@ export class AwsManagedPolicy {
     public static AmazonSageMakerModelRegistryFullAccess = 'AmazonSageMakerModelRegistryFullAccess';
     /** Managed policy for Service Linked Role for Amazon SageMaker Notebooks */
     public static AmazonSageMakerNotebooksServiceRolePolicy = 'aws-service-role/AmazonSageMakerNotebooksServiceRolePolicy';
+    /** Enables Amazon SageMaker partner app users to access applications, list available applications, launch application web UIs, and connect via the application SDK. */
+    public static AmazonSageMakerPartnerAppsFullAccess = 'AmazonSageMakerPartnerAppsFullAccess';
     /** Service role policy used by the AWS APIGateway within the AWS ServiceCatalog provisioned products from Amazon SageMaker portfolio of products. Grants permissions to a set of related services including Lambda and others. */
     public static AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy = 'service-role/AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy';
     /** Service role policy used by the AWS CloudFormation within the AWS ServiceCatalog provisioned products from Amazon SageMaker portfolio of products. Grants permissions to a subset of related services including Lambda, APIGateway and others. */