Update SAR data

iann0036 · Sep 19, 2024 · 678cfae · 678cfae
1 parent e97eaa5
commit 678cfae
Show file tree

Hide file tree

Showing 44 changed files with 14,436 additions and 14,100 deletions.
diff --git a/aws/historic_counts.json b/aws/historic_counts.json
@@ -6279,6 +6279,10 @@
     {
       "count": 15536,
       "date": "2024-09-18T13:54:00"
+    },
+    {
+      "count": 15536,
+      "date": "2024-09-19T14:02:43"
     }
   ],
   "iam": [
@@ -11153,6 +11157,10 @@
     {
       "count": 17172,
       "date": "2024-09-18T13:54:00"
+    },
+    {
+      "count": 17177,
+      "date": "2024-09-19T14:02:43"
     }
   ]
 }
diff --git a/aws/iam_definition.json b/aws/iam_definition.json
@@ -4202,7 +4202,9 @@
         "resource_types": [
           {
             "condition_keys": [],
-            "dependent_actions": [],
+            "dependent_actions": [
+              "s3:ListAllMyBuckets"
+            ],
             "resource_type": ""
           }
         ]
@@ -147413,6 +147415,20 @@
           }
         ]
       },
+      {
+        "access_level": "Write",
+        "description": "Grants permission to associate SBOM files to a package version",
+        "privilege": "AssociateSbomWithPackageVersion",
+        "resource_types": [
+          {
+            "condition_keys": [],
+            "dependent_actions": [
+              "iot:GetIndexingConfiguration"
+            ],
+            "resource_type": "packageversion*"
+          }
+        ]
+      },
       {
         "access_level": "Write",
         "description": "Grants permission to associate a group with a continuous job",
@@ -147987,7 +148003,8 @@
           {
             "condition_keys": [],
             "dependent_actions": [
-              "iot:GetIndexingConfiguration"
+              "iot:GetIndexingConfiguration",
+              "s3:GetObjectVersion"
             ],
             "resource_type": "package*"
           },
@@ -149222,6 +149239,18 @@
           }
         ]
       },
+      {
+        "access_level": "Write",
+        "description": "Grants permission to disassociate SBOM files from a package version",
+        "privilege": "DisassociateSbomFromPackageVersion",
+        "resource_types": [
+          {
+            "condition_keys": [],
+            "dependent_actions": [],
+            "resource_type": "packageversion*"
+          }
+        ]
+      },
       {
         "access_level": "Write",
         "description": "Grants permission to enable the specified rule",
@@ -150000,6 +150029,18 @@
           }
         ]
       },
+      {
+        "access_level": "List",
+        "description": "Grants permission to list SBOM validation results of a package version",
+        "privilege": "ListSbomValidationResults",
+        "resource_types": [
+          {
+            "condition_keys": [],
+            "dependent_actions": [],
+            "resource_type": "packageversion*"
+          }
+        ]
+      },
       {
         "access_level": "List",
         "description": "Grants permission to list all of your scheduled audits",
@@ -151248,7 +151289,8 @@
           {
             "condition_keys": [],
             "dependent_actions": [
-              "iot:GetIndexingConfiguration"
+              "iot:GetIndexingConfiguration",
+              "s3:GetObjectVersion"
             ],
             "resource_type": "package*"
           },
@@ -240465,6 +240507,16 @@
         "condition": "s3express:x-amz-content-sha256",
         "description": "Filters access by unsigned content in your bucket",
         "type": "String"
+      },
+      {
+        "condition": "s3express:x-amz-server-side-encryption",
+        "description": "Filters access by server-side encryption",
+        "type": "String"
+      },
+      {
+        "condition": "s3express:x-amz-server-side-encryption-aws-kms-key-id",
+        "description": "Filters access by AWS KMS customer managed key for server-side encryption",
+        "type": "ARN"
       }
     ],
     "prefix": "s3express",
@@ -240486,7 +240538,9 @@
               "s3express:ResourceAccount",
               "s3express:signatureversion",
               "s3express:TlsVersion",
-              "s3express:x-amz-content-sha256"
+              "s3express:x-amz-content-sha256",
+              "s3express:x-amz-server-side-encryption",
+              "s3express:x-amz-server-side-encryption-aws-kms-key-id"
             ],
             "dependent_actions": [],
             "resource_type": ""
@@ -240587,6 +240641,29 @@
           }
         ]
       },
+      {
+        "access_level": "Read",
+        "description": "Grants permission to return the default encryption configuration for a directory bucket",
+        "privilege": "GetEncryptionConfiguration",
+        "resource_types": [
+          {
+            "condition_keys": [],
+            "dependent_actions": [],
+            "resource_type": "bucket*"
+          },
+          {
+            "condition_keys": [
+              "s3express:authType",
+              "s3express:ResourceAccount",
+              "s3express:signatureversion",
+              "s3express:TlsVersion",
+              "s3express:x-amz-content-sha256"
+            ],
+            "dependent_actions": [],
+            "resource_type": ""
+          }
+        ]
+      },
       {
         "access_level": "List",
         "description": "Grants permission to list all directory buckets owned by the authenticated sender of the request",
@@ -240627,6 +240704,29 @@
             "resource_type": ""
           }
         ]
+      },
+      {
+        "access_level": "Write",
+        "description": "Grants permission to set the encryption configuration for a directory bucket",
+        "privilege": "PutEncryptionConfiguration",
+        "resource_types": [
+          {
+            "condition_keys": [],
+            "dependent_actions": [],
+            "resource_type": "bucket*"
+          },
+          {
+            "condition_keys": [
+              "s3express:authType",
+              "s3express:ResourceAccount",
+              "s3express:signatureversion",
+              "s3express:TlsVersion",
+              "s3express:x-amz-content-sha256"
+            ],
+            "dependent_actions": [],
+            "resource_type": ""
+          }
+        ]
       }
     ],
     "resources": [

diff --git a/aws/managed_policies.json b/aws/managed_policies.json
@@ -9469,6 +9469,7 @@
         "iot:AcceptCertificateTransfer",
         "iot:AddThingToBillingGroup",
         "iot:AddThingToThingGroup",
+        "iot:AssociateSbomWithPackageVersion",
         "iot:AssociateTargetsWithJob",
         "iot:AttachPolicy",
         "iot:AttachPrincipalPolicy",
@@ -9591,6 +9592,7 @@
         "iot:DetachSecurityProfile",
         "iot:DetachThingPrincipal",
         "iot:DisableTopicRule",
+        "iot:DisassociateSbomFromPackageVersion",
         "iot:EnableTopicRule",
         "iot:GetBehaviorModelTrainingSummaries",
         "iot:GetBucketsAggregation",
@@ -9655,6 +9657,7 @@
         "iot:ListRelatedResourcesForAuditFinding",
         "iot:ListRetainedMessages",
         "iot:ListRoleAliases",
+        "iot:ListSbomValidationResults",
         "iot:ListScheduledAudits",
         "iot:ListSecurityProfiles",
         "iot:ListSecurityProfilesForTarget",
@@ -15021,8 +15024,10 @@
         "s3express:DeleteBucket",
         "s3express:DeleteBucketPolicy",
         "s3express:GetBucketPolicy",
+        "s3express:GetEncryptionConfiguration",
         "s3express:ListAllMyDirectoryBuckets",
         "s3express:PutBucketPolicy",
+        "s3express:PutEncryptionConfiguration",
         "sagemaker:AddAssociation",
         "sagemaker:AddTags",
         "sagemaker:AssociateTrialComponent",
@@ -22653,6 +22658,7 @@
         "iot:ListRelatedResourcesForAuditFinding",
         "iot:ListRetainedMessages",
         "iot:ListRoleAliases",
+        "iot:ListSbomValidationResults",
         "iot:ListScheduledAudits",
         "iot:ListSecurityProfiles",
         "iot:ListSecurityProfilesForTarget",
@@ -31295,6 +31301,7 @@
         "iot:ListRelatedResourcesForAuditFinding",
         "iot:ListRetainedMessages",
         "iot:ListRoleAliases",
+        "iot:ListSbomValidationResults",
         "iot:ListScheduledAudits",
         "iot:ListSecurityProfiles",
         "iot:ListSecurityProfilesForTarget",
@@ -70023,6 +70030,7 @@
         "iot:AcceptCertificateTransfer",
         "iot:AddThingToBillingGroup",
         "iot:AddThingToThingGroup",
+        "iot:AssociateSbomWithPackageVersion",
         "iot:AssociateTargetsWithJob",
         "iot:AttachPolicy",
         "iot:AttachPrincipalPolicy",
@@ -70145,6 +70153,7 @@
         "iot:DetachSecurityProfile",
         "iot:DetachThingPrincipal",
         "iot:DisableTopicRule",
+        "iot:DisassociateSbomFromPackageVersion",
         "iot:EnableTopicRule",
         "iot:GetBehaviorModelTrainingSummaries",
         "iot:GetBucketsAggregation",
@@ -70209,6 +70218,7 @@
         "iot:ListRelatedResourcesForAuditFinding",
         "iot:ListRetainedMessages",
         "iot:ListRoleAliases",
+        "iot:ListSbomValidationResults",
         "iot:ListScheduledAudits",
         "iot:ListSecurityProfiles",
         "iot:ListSecurityProfilesForTarget",
@@ -75520,8 +75530,10 @@
         "s3express:DeleteBucket",
         "s3express:DeleteBucketPolicy",
         "s3express:GetBucketPolicy",
+        "s3express:GetEncryptionConfiguration",
         "s3express:ListAllMyDirectoryBuckets",
         "s3express:PutBucketPolicy",
+        "s3express:PutEncryptionConfiguration",
         "sagemaker:AddAssociation",
         "sagemaker:AddTags",
         "sagemaker:AssociateTrialComponent",
@@ -84732,6 +84744,7 @@
         "iot:AcceptCertificateTransfer",
         "iot:AddThingToBillingGroup",
         "iot:AddThingToThingGroup",
+        "iot:AssociateSbomWithPackageVersion",
         "iot:AssociateTargetsWithJob",
         "iot:AttachPolicy",
         "iot:AttachPrincipalPolicy",
@@ -84854,6 +84867,7 @@
         "iot:DetachSecurityProfile",
         "iot:DetachThingPrincipal",
         "iot:DisableTopicRule",
+        "iot:DisassociateSbomFromPackageVersion",
         "iot:EnableTopicRule",
         "iot:GetBehaviorModelTrainingSummaries",
         "iot:GetBucketsAggregation",
@@ -84918,6 +84932,7 @@
         "iot:ListRelatedResourcesForAuditFinding",
         "iot:ListRetainedMessages",
         "iot:ListRoleAliases",
+        "iot:ListSbomValidationResults",
         "iot:ListScheduledAudits",
         "iot:ListSecurityProfiles",
         "iot:ListSecurityProfilesForTarget",
@@ -90146,6 +90161,7 @@
         "iot:ListRelatedResourcesForAuditFinding",
         "iot:ListRetainedMessages",
         "iot:ListRoleAliases",
+        "iot:ListSbomValidationResults",
         "iot:ListScheduledAudits",
         "iot:ListSecurityProfiles",
         "iot:ListSecurityProfilesForTarget",
@@ -104537,6 +104553,27 @@
       "updatedate": "2021-09-29T14:43:09+00:00",
       "version": "v1"
     },
+    {
+      "access_levels": [
+        "Permissions management"
+      ],
+      "arn": "arn:aws:iam::aws:policy/AWSDirectoryServiceDataFullAccess",
+      "createdate": "2024-09-18T21:45:17Z",
+      "credentials_exposure": false,
+      "data_access": false,
+      "deprecated": false,
+      "effective_action_names": [
+        "ds:AccessDSData"
+      ],
+      "malformed": false,
+      "name": "AWSDirectoryServiceDataFullAccess",
+      "privesc": false,
+      "resource_exposure": false,
+      "undocumented_actions": false,
+      "unknown_actions": true,
+      "updatedate": "2024-09-18T21:45:17+00:00",
+      "version": "v1"
+    },
     {
       "access_levels": [
         "List",
@@ -122167,6 +122204,27 @@
       "updatedate": "2015-02-06T18:40:43+00:00",
       "version": "v1"
     },
+    {
+      "access_levels": [
+        "Permissions management"
+      ],
+      "arn": "arn:aws:iam::aws:policy/AWSDirectoryServiceDataReadOnlyAccess",
+      "createdate": "2024-09-18T22:00:34Z",
+      "credentials_exposure": false,
+      "data_access": false,
+      "deprecated": false,
+      "effective_action_names": [
+        "ds:AccessDSData"
+      ],
+      "malformed": false,
+      "name": "AWSDirectoryServiceDataReadOnlyAccess",
+      "privesc": false,
+      "resource_exposure": false,
+      "undocumented_actions": false,
+      "unknown_actions": true,
+      "updatedate": "2024-09-18T22:00:34+00:00",
+      "version": "v1"
+    },
     {
       "access_levels": [
         "List",
@@ -133961,6 +134019,7 @@
         "iot:ListRelatedResourcesForAuditFinding",
         "iot:ListRetainedMessages",
         "iot:ListRoleAliases",
+        "iot:ListSbomValidationResults",
         "iot:ListScheduledAudits",
         "iot:ListSecurityProfiles",
         "iot:ListSecurityProfilesForTarget",