Merge pull request #699 from udondan/update-aws-managed-policies

udondan · May 15, 2024 · 2c85f99 · 2c85f99
2 parents e3ae67b + ec1eaed
commit 2c85f99
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 1 deletion.
diff --git a/docs/source/_static/managed-policies/AWSCleanRoomsFullAccessNoQuerying.json b/docs/source/_static/managed-policies/AWSCleanRoomsFullAccessNoQuerying.json
@@ -7,6 +7,7 @@
       "Action": [
         "cleanrooms:BatchGetCollaborationAnalysisTemplate",
         "cleanrooms:BatchGetSchema",
+        "cleanrooms:BatchGetSchemaAnalysisRule",
         "cleanrooms:CreateAnalysisTemplate",
         "cleanrooms:CreateCollaboration",
         "cleanrooms:CreateConfiguredTable",

diff --git a/docs/source/_static/managed-policies/AmazonSESReadOnlyAccess.json b/docs/source/_static/managed-policies/AmazonSESReadOnlyAccess.json
@@ -2,10 +2,12 @@
   "Version": "2012-10-17",
   "Statement": [
     {
+      "Sid": "SESReadOnlyAccess",
       "Effect": "Allow",
       "Action": [
         "ses:Get*",
-        "ses:List*"
+        "ses:List*",
+        "ses:BatchGetMetricData"
       ],
       "Resource": "*"
     }

diff --git a/docs/source/_static/managed-policies/AmazonSecurityLakePermissionsBoundary.json b/docs/source/_static/managed-policies/AmazonSecurityLakePermissionsBoundary.json
@@ -2,6 +2,7 @@
   "Version": "2012-10-17",
   "Statement": [
     {
+      "Sid": "AllowActionsForSecurityLake",
       "Effect": "Allow",
       "Action": [
         "s3:GetObject",
@@ -23,6 +24,7 @@
       "Resource": "*"
     },
     {
+      "Sid": "DenyActionsForSecurityLake",
       "Effect": "Deny",
       "NotAction": [
         "s3:GetObject",
@@ -44,6 +46,7 @@
       "Resource": "*"
     },
     {
+      "Sid": "DenyActionsNotOnSecurityLakeBucket",
       "Effect": "Deny",
       "Action": [
         "s3:GetObject",
@@ -58,6 +61,7 @@
       ]
     },
     {
+      "Sid": "DenyActionsNotOnSecurityLakeSQS",
       "Effect": "Deny",
       "Action": [
         "sqs:ReceiveMessage",
@@ -71,6 +75,7 @@
       "NotResource": "arn:aws:sqs:*:*:AmazonSecurityLake*"
     },
     {
+      "Sid": "DenyActionsNotOnSecurityLakeKMSS3SQS",
       "Effect": "Deny",
       "Action": [
         "kms:Decrypt",
@@ -87,6 +92,7 @@
       }
     },
     {
+      "Sid": "DenyActionsNotOnSecurityLakeKMSForS3",
       "Effect": "Deny",
       "Action": [
         "kms:Decrypt",
@@ -105,6 +111,7 @@
       }
     },
     {
+      "Sid": "DenyActionsNotOnSecurityLakeKMSForS3SQS",
       "Effect": "Deny",
       "Action": [
         "kms:Decrypt",