{ "Name" : "s3", "Actions" : [ { "Name" : "AbortMultipartUpload", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "AssociateAccessGrantsIdentityCenter", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "BypassGovernanceRetention", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:RequestObjectTag/", "s3:RequestObjectTagKeys", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-acl", "s3:x-amz-content-sha256", "s3:x-amz-copy-source", "s3:x-amz-grant-full-control", "s3:x-amz-grant-read", "s3:x-amz-grant-read-acp", "s3:x-amz-grant-write", "s3:x-amz-grant-write-acp", "s3:x-amz-metadata-directive", "s3:x-amz-server-side-encryption", "s3:x-amz-server-side-encryption-aws-kms-key-id", "s3:x-amz-server-side-encryption-customer-algorithm", "s3:x-amz-storage-class", "s3:x-amz-website-redirect-location" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "CreateAccessGrant", "ActionConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "s3:AccessGrantScope", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrantslocation" } ] }, { "Name" : "CreateAccessGrantsInstance", "ActionConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "CreateAccessGrantsLocation", "ActionConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "s3:AccessGrantsLocationScope", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "CreateAccessPoint", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:locationconstraint", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-acl", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accesspoint" } ] }, { "Name" : "CreateAccessPointForObjectLambda", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "objectlambdaaccesspoint" } ] }, { "Name" : "CreateBucket", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:locationconstraint", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-acl", "s3:x-amz-content-sha256", "s3:x-amz-grant-full-control", "s3:x-amz-grant-read", "s3:x-amz-grant-read-acp", "s3:x-amz-grant-write", "s3:x-amz-grant-write-acp", "s3:x-amz-object-ownership" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "CreateBucketMetadataTableConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "CreateJob", "ActionConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "s3:RequestJobOperation", "s3:RequestJobPriority", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } } }, { "Name" : "CreateMultiRegionAccessPoint", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "multiregionaccesspoint" } ] }, { "Name" : "CreateStorageLensGroup", "ActionConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } } }, { "Name" : "DeleteAccessGrant", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:AccessGrantScope", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrant" } ] }, { "Name" : "DeleteAccessGrantsInstance", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "DeleteAccessGrantsInstanceResourcePolicy", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "DeleteAccessGrantsLocation", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:AccessGrantsLocationScope", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrantslocation" } ] }, { "Name" : "DeleteAccessPoint", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accesspoint" } ] }, { "Name" : "DeleteAccessPointForObjectLambda", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "objectlambdaaccesspoint" } ] }, { "Name" : "DeleteAccessPointPolicy", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accesspoint" } ] }, { "Name" : "DeleteAccessPointPolicyForObjectLambda", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "objectlambdaaccesspoint" } ] }, { "Name" : "DeleteBucket", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "DeleteBucketMetadataTableConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "DeleteBucketPolicy", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "DeleteBucketWebsite", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "DeleteJobTagging", "ActionConditionKeys" : [ "s3:ExistingJobOperation", "s3:ExistingJobPriority", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "job" } ] }, { "Name" : "DeleteMultiRegionAccessPoint", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "multiregionaccesspoint" } ] }, { "Name" : "DeleteObject", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "DeleteObjectTagging", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "DeleteObjectVersion", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:versionid", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "DeleteObjectVersionTagging", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:versionid", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "DeleteStorageLensConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "storagelensconfiguration" } ] }, { "Name" : "DeleteStorageLensConfigurationTagging", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "storagelensconfiguration" } ] }, { "Name" : "DeleteStorageLensGroup", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "storagelensgroup" } ] }, { "Name" : "DescribeJob", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "job" } ] }, { "Name" : "DescribeMultiRegionAccessPointOperation", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "multiregionaccesspointrequestarn" } ] }, { "Name" : "DissociateAccessGrantsIdentityCenter", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "GetAccelerateConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetAccessGrant", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:AccessGrantScope", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accessgrant" } ] }, { "Name" : "GetAccessGrantsInstance", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "GetAccessGrantsInstanceForPrefix", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "GetAccessGrantsInstanceResourcePolicy", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "GetAccessGrantsLocation", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:AccessGrantsLocationScope", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accessgrantslocation" } ] }, { "Name" : "GetAccessPoint", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } } }, { "Name" : "GetAccessPointConfigurationForObjectLambda", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "objectlambdaaccesspoint" } ] }, { "Name" : "GetAccessPointForObjectLambda", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "objectlambdaaccesspoint" } ] }, { "Name" : "GetAccessPointPolicy", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accesspoint" } ] }, { "Name" : "GetAccessPointPolicyForObjectLambda", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "objectlambdaaccesspoint" } ] }, { "Name" : "GetAccessPointPolicyStatus", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accesspoint" } ] }, { "Name" : "GetAccessPointPolicyStatusForObjectLambda", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "objectlambdaaccesspoint" } ] }, { "Name" : "GetAccountPublicAccessBlock", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } } }, { "Name" : "GetAnalyticsConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketAcl", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketCORS", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketLocation", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketLogging", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketMetadataTableConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketNotification", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketObjectLockConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketOwnershipControls", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketPolicy", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketPolicyStatus", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketPublicAccessBlock", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketRequestPayment", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketTagging", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketVersioning", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetBucketWebsite", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetDataAccess", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "GetEncryptionConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetIntelligentTieringConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetInventoryConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetJobTagging", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "job" } ] }, { "Name" : "GetLifecycleConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetMetricsConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetMultiRegionAccessPoint", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "multiregionaccesspoint" } ] }, { "Name" : "GetMultiRegionAccessPointPolicy", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "multiregionaccesspoint" } ] }, { "Name" : "GetMultiRegionAccessPointPolicyStatus", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "multiregionaccesspoint" } ] }, { "Name" : "GetMultiRegionAccessPointRoutes", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "multiregionaccesspoint" } ] }, { "Name" : "GetObject", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:if-match", "s3:if-none-match", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetObjectAcl", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetObjectAttributes", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accesspoint" }, { "Name" : "object" } ] }, { "Name" : "GetObjectLegalHold", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetObjectRetention", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetObjectTagging", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetObjectTorrent", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetObjectVersion", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:versionid", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetObjectVersionAcl", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:versionid", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetObjectVersionAttributes", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:versionid", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetObjectVersionForReplication", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetObjectVersionTagging", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:versionid", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetObjectVersionTorrent", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:versionid", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "GetReplicationConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "GetStorageLensConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "storagelensconfiguration" } ] }, { "Name" : "GetStorageLensConfigurationTagging", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "storagelensconfiguration" } ] }, { "Name" : "GetStorageLensDashboard", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "storagelensconfiguration" } ] }, { "Name" : "GetStorageLensGroup", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "storagelensgroup" } ] }, { "Name" : "InitiateReplication", "ActionConditionKeys" : [ "s3:ResourceAccount" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "ListAccessGrants", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "ListAccessGrantsInstances", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } } }, { "Name" : "ListAccessGrantsLocations", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "ListAccessPoints", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } } }, { "Name" : "ListAccessPointsForObjectLambda", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } } }, { "Name" : "ListAllMyBuckets", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } } }, { "Name" : "ListBucket", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:delimiter", "s3:max-keys", "s3:prefix", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "ListBucketMultipartUploads", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "ListBucketVersions", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:delimiter", "s3:max-keys", "s3:prefix", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "ListCallerAccessGrants", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "ListJobs", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } } }, { "Name" : "ListMultiRegionAccessPoints", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } } }, { "Name" : "ListMultipartUploadParts", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "ListStorageLensConfigurations", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } } }, { "Name" : "ListStorageLensGroups", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } } }, { "Name" : "ListTagsForResource", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : true, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : false } }, "Resources" : [ { "Name" : "accessgrant" }, { "Name" : "accessgrantsinstance" }, { "Name" : "accessgrantslocation" }, { "Name" : "storagelensgroup" } ] }, { "Name" : "ObjectOwnerOverrideToBucketOwner", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "PauseReplication", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:destinationRegion", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutAccelerateConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutAccessGrantsInstanceResourcePolicy", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrantsinstance" } ] }, { "Name" : "PutAccessPointConfigurationForObjectLambda", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "objectlambdaaccesspoint" } ] }, { "Name" : "PutAccessPointPolicy", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accesspoint" } ] }, { "Name" : "PutAccessPointPolicyForObjectLambda", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "objectlambdaaccesspoint" } ] }, { "Name" : "PutAccessPointPublicAccessBlock", "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } } }, { "Name" : "PutAccountPublicAccessBlock", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } } }, { "Name" : "PutAnalyticsConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketAcl", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-acl", "s3:x-amz-content-sha256", "s3:x-amz-grant-full-control", "s3:x-amz-grant-read", "s3:x-amz-grant-read-acp", "s3:x-amz-grant-write", "s3:x-amz-grant-write-acp" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketCORS", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketLogging", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketNotification", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketObjectLockConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketOwnershipControls", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketPolicy", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketPublicAccessBlock", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketRequestPayment", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketTagging", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketVersioning", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutBucketWebsite", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutEncryptionConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutIntelligentTieringConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutInventoryConfiguration", "ActionConditionKeys" : [ "s3:InventoryAccessibleOptionalFields", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutJobTagging", "ActionConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "s3:ExistingJobOperation", "s3:ExistingJobPriority", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "job" } ] }, { "Name" : "PutLifecycleConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutMetricsConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutMultiRegionAccessPointPolicy", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "multiregionaccesspoint" } ] }, { "Name" : "PutObject", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ObjectCreationOperation", "s3:RequestObjectTag/", "s3:RequestObjectTagKeys", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:if-match", "s3:if-none-match", "s3:object-lock-legal-hold", "s3:object-lock-mode", "s3:object-lock-remaining-retention-days", "s3:object-lock-retain-until-date", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-acl", "s3:x-amz-content-sha256", "s3:x-amz-copy-source", "s3:x-amz-grant-full-control", "s3:x-amz-grant-read", "s3:x-amz-grant-read-acp", "s3:x-amz-grant-write", "s3:x-amz-grant-write-acp", "s3:x-amz-metadata-directive", "s3:x-amz-server-side-encryption", "s3:x-amz-server-side-encryption-aws-kms-key-id", "s3:x-amz-server-side-encryption-customer-algorithm", "s3:x-amz-storage-class", "s3:x-amz-website-redirect-location" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "PutObjectAcl", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-acl", "s3:x-amz-content-sha256", "s3:x-amz-grant-full-control", "s3:x-amz-grant-read", "s3:x-amz-grant-read-acp", "s3:x-amz-grant-write", "s3:x-amz-grant-write-acp", "s3:x-amz-storage-class" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "PutObjectLegalHold", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:object-lock-legal-hold", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "PutObjectRetention", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:object-lock-mode", "s3:object-lock-remaining-retention-days", "s3:object-lock-retain-until-date", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "PutObjectTagging", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:RequestObjectTag/", "s3:RequestObjectTagKeys", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "PutObjectVersionAcl", "ActionConditionKeys" : [ "s3:AccessGrantsInstanceArn", "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:versionid", "s3:x-amz-acl", "s3:x-amz-content-sha256", "s3:x-amz-grant-full-control", "s3:x-amz-grant-read", "s3:x-amz-grant-read-acp", "s3:x-amz-grant-write", "s3:x-amz-grant-write-acp", "s3:x-amz-storage-class" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "PutObjectVersionTagging", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ExistingObjectTag/", "s3:RequestObjectTag/", "s3:RequestObjectTagKeys", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:versionid", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "PutReplicationConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:isReplicationPauseRequest", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "PutStorageLensConfiguration", "ActionConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } } }, { "Name" : "PutStorageLensConfigurationTagging", "ActionConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "storagelensconfiguration" } ] }, { "Name" : "ReplicateDelete", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "ReplicateObject", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256", "s3:x-amz-server-side-encryption", "s3:x-amz-server-side-encryption-aws-kms-key-id", "s3:x-amz-server-side-encryption-customer-algorithm" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "ReplicateTags", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "RestoreObject", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "object" } ] }, { "Name" : "SubmitMultiRegionAccessPointRoutes", "ActionConditionKeys" : [ "s3:AccessPointNetworkOrigin", "s3:DataAccessPointAccount", "s3:DataAccessPointArn", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "multiregionaccesspoint" } ] }, { "Name" : "TagResource", "ActionConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrant" }, { "Name" : "accessgrantsinstance" }, { "Name" : "accessgrantslocation" }, { "Name" : "storagelensgroup" } ] }, { "Name" : "UntagResource", "ActionConditionKeys" : [ "aws:TagKeys", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : true, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrant" }, { "Name" : "accessgrantsinstance" }, { "Name" : "accessgrantslocation" }, { "Name" : "storagelensgroup" } ] }, { "Name" : "UpdateAccessGrantsLocation", "ActionConditionKeys" : [ "aws:ResourceTag/${TagKey}", "s3:AccessGrantsLocationScope", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : true, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "accessgrantslocation" } ] }, { "Name" : "UpdateBucketMetadataInventoryTableConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "UpdateBucketMetadataJournalTableConfiguration", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "bucket" } ] }, { "Name" : "UpdateJobPriority", "ActionConditionKeys" : [ "s3:ExistingJobOperation", "s3:ExistingJobPriority", "s3:RequestJobPriority", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "job" } ] }, { "Name" : "UpdateJobStatus", "ActionConditionKeys" : [ "s3:ExistingJobOperation", "s3:ExistingJobPriority", "s3:JobSuspendedCause", "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "job" } ] }, { "Name" : "UpdateStorageLensGroup", "ActionConditionKeys" : [ "s3:ResourceAccount", "s3:TlsVersion", "s3:authType", "s3:signatureAge", "s3:signatureversion", "s3:x-amz-content-sha256" ], "Annotations" : { "Properties" : { "IsList" : false, "IsPermissionManagement" : false, "IsTaggingOnly" : false, "IsWrite" : true } }, "Resources" : [ { "Name" : "storagelensgroup" } ] } ], "ConditionKeys" : [ { "Name" : "aws:RequestTag/${TagKey}", "Types" : [ "String" ] }, { "Name" : "aws:ResourceTag/${TagKey}", "Types" : [ "String" ] }, { "Name" : "aws:TagKeys", "Types" : [ "ArrayOfString" ] }, { "Name" : "s3:AccessGrantScope", "Types" : [ "String" ] }, { "Name" : "s3:AccessGrantsInstanceArn", "Types" : [ "ARN" ] }, { "Name" : "s3:AccessGrantsLocationScope", "Types" : [ "String" ] }, { "Name" : "s3:AccessPointNetworkOrigin", "Types" : [ "String" ] }, { "Name" : "s3:DataAccessPointAccount", "Types" : [ "String" ] }, { "Name" : "s3:DataAccessPointArn", "Types" : [ "ARN" ] }, { "Name" : "s3:ExistingJobOperation", "Types" : [ "String" ] }, { "Name" : "s3:ExistingJobPriority", "Types" : [ "Numeric" ] }, { "Name" : "s3:ExistingObjectTag/", "Types" : [ "String" ] }, { "Name" : "s3:InventoryAccessibleOptionalFields", "Types" : [ "ArrayOfString" ] }, { "Name" : "s3:JobSuspendedCause", "Types" : [ "String" ] }, { "Name" : "s3:ObjectCreationOperation", "Types" : [ "Bool" ] }, { "Name" : "s3:RequestJobOperation", "Types" : [ "String" ] }, { "Name" : "s3:RequestJobPriority", "Types" : [ "Numeric" ] }, { "Name" : "s3:RequestObjectTag/", "Types" : [ "String" ] }, { "Name" : "s3:RequestObjectTagKeys", "Types" : [ "ArrayOfString" ] }, { "Name" : "s3:ResourceAccount", "Types" : [ "String" ] }, { "Name" : "s3:TlsVersion", "Types" : [ "Numeric" ] }, { "Name" : "s3:authType", "Types" : [ "String" ] }, { "Name" : "s3:delimiter", "Types" : [ "String" ] }, { "Name" : "s3:destinationRegion", "Types" : [ "String" ] }, { "Name" : "s3:if-match", "Types" : [ "String" ] }, { "Name" : "s3:if-none-match", "Types" : [ "String" ] }, { "Name" : "s3:isReplicationPauseRequest", "Types" : [ "Bool" ] }, { "Name" : "s3:locationconstraint", "Types" : [ "String" ] }, { "Name" : "s3:max-keys", "Types" : [ "Numeric" ] }, { "Name" : "s3:object-lock-legal-hold", "Types" : [ "String" ] }, { "Name" : "s3:object-lock-mode", "Types" : [ "String" ] }, { "Name" : "s3:object-lock-remaining-retention-days", "Types" : [ "Numeric" ] }, { "Name" : "s3:object-lock-retain-until-date", "Types" : [ "Date" ] }, { "Name" : "s3:prefix", "Types" : [ "String" ] }, { "Name" : "s3:signatureAge", "Types" : [ "Numeric" ] }, { "Name" : "s3:signatureversion", "Types" : [ "String" ] }, { "Name" : "s3:versionid", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-acl", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-content-sha256", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-copy-source", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-grant-full-control", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-grant-read", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-grant-read-acp", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-grant-write", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-grant-write-acp", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-metadata-directive", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-object-ownership", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-server-side-encryption", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-server-side-encryption-aws-kms-key-id", "Types" : [ "ARN" ] }, { "Name" : "s3:x-amz-server-side-encryption-customer-algorithm", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-storage-class", "Types" : [ "String" ] }, { "Name" : "s3:x-amz-website-redirect-location", "Types" : [ "String" ] } ], "Resources" : [ { "Name" : "accessgrant", "ARNFormats" : [ "arn:${Partition}:s3:${Region}:${Account}:access-grants/default/grant/${Token}" ], "ConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys" ] }, { "Name" : "accessgrantsinstance", "ARNFormats" : [ "arn:${Partition}:s3:${Region}:${Account}:access-grants/default" ], "ConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys" ] }, { "Name" : "accessgrantslocation", "ARNFormats" : [ "arn:${Partition}:s3:${Region}:${Account}:access-grants/default/location/${Token}" ], "ConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys" ] }, { "Name" : "accesspoint", "ARNFormats" : [ "arn:${Partition}:s3:${Region}:${Account}:accesspoint/${AccessPointName}" ] }, { "Name" : "bucket", "ARNFormats" : [ "arn:${Partition}:s3:::${BucketName}" ] }, { "Name" : "job", "ARNFormats" : [ "arn:${Partition}:s3:${Region}:${Account}:job/${JobId}" ], "ConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys" ] }, { "Name" : "multiregionaccesspoint", "ARNFormats" : [ "arn:${Partition}:s3::${Account}:accesspoint/${AccessPointAlias}" ] }, { "Name" : "multiregionaccesspointrequestarn", "ARNFormats" : [ "arn:${Partition}:s3:us-west-2:${Account}:async-request/mrap/${Operation}/${Token}" ] }, { "Name" : "object", "ARNFormats" : [ "arn:${Partition}:s3:::${BucketName}/${ObjectName}" ] }, { "Name" : "objectlambdaaccesspoint", "ARNFormats" : [ "arn:${Partition}:s3-object-lambda:${Region}:${Account}:accesspoint/${AccessPointName}" ] }, { "Name" : "storagelensconfiguration", "ARNFormats" : [ "arn:${Partition}:s3:${Region}:${Account}:storage-lens/${ConfigId}" ], "ConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys" ] }, { "Name" : "storagelensgroup", "ARNFormats" : [ "arn:${Partition}:s3:${Region}:${Account}:storage-lens-group/${Name}" ], "ConditionKeys" : [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys" ] } ], "Version" : "v1.2" }