AWS DevOps Agent Service (aidevops)

Additions

Actions

• AssociateService
  
  • Description:  Grants permission to associate service
  • Access:  Write
  • Resources: 

    Name: AssociationResource

    Required: Yes

• CreateAgentSpace
  
  • Description:  Grants permission to create agentspace
  • Access:  Write
  • Resources: 

    Name: AgentSpaceResource

    Required: Yes

• CreateBacklogTask
  
  • Description:  Grants permission to create a new backlog task
  • Access:  Write
• CreateKnowledgeItem
  
  • Description:  Grants permission to create a new knowledge item
  • Access:  Write
• CreateOneTimeLoginSession
  
  • Description:  Grants permission to generate secure one-time session for initiating off-console Application login
  • Access:  Write
  • Resources: 

    Name: AgentSpaceResource

    Required: Yes

• DeleteAgentSpace
  
  • Description:  Grants permission to delete agentspace
  • Access:  Write
  • Resources: 

    Name: AgentSpaceResource

    Required: Yes

• DeleteKnowledgeItem
  
  • Description:  Grants permission to delete a knowledge item
  • Access:  Write
• DeregisterService
  
  • Description:  Grants permission to deregister a service
  • Access:  Write
  • Resources: 

    Name: ServiceResource

    Required: Yes

• DescribeSupportLevel
  
  • Description:  Grants permission to describe a chat for a case
  • Access:  Write
• DisableOperatorApp
  
  • Description:  Grants permission to disable the Operator App access to the given AgentSpace
  • Access:  Write
  • Resources: 

    Name: AgentSpaceResource

    Required: Yes

• DisassociateService
  
  • Description:  Grants permission to disassociate service
  • Access:  Write
  • Resources: 

    Name: AssociationResource

    Required: Yes

• DiscoverTopology
  
  • Description:  Grants permission to discover topology information
  • Access:  Write
• EnableOperatorApp
  
  • Description:  Grants permission to enable the Operator App to access the given AgentSpace
  • Access:  Write
  • Resources: 

    Name: AgentSpaceResource

    Required: Yes

• EndChatForCase
  
  • Description:  Grants permission to end a chat for a case
  • Access:  Write
• GetAccountUsage
  
  • Description:  Grants permission to get account usage
  • Access:  Read
• GetAgentSpace
  
  • Description:  Grants permission to get agentspace
  • Access:  Read
  • Resources: 

    Name: AgentSpaceResource

    Required: Yes

• GetAssociation
  
  • Description:  Grants permission to get association
  • Access:  Read
  • Resources: 

    Name: AssociationResource

    Required: Yes

• GetBacklogTask
  
  • Description:  Grants permission to get a backlog task
  • Access:  Read
• GetKnowledgeItem
  
  • Description:  Grants permission to get a knowledge item
  • Access:  Read
• GetOperatorAppTeams
  
  • Description:  Grants permission to enable operator auth config for any enabled auth flow
  • Access:  Read
  • Resources: 

    Name: AgentSpaceResource

    Required: Yes

• GetRecommendation
  
  • Description:  Grants permission to get a recommendation
  • Access:  Read
• GetService
  
  • Description:  Grants permission to get services
  • Access:  Read
  • Resources: 

    Name: ServiceResource

    Required: Yes

• HandleServiceRegistrationCallback
  
  • Description:  Grants permission to handle OAuth callback from external service
  • Access:  Read
• InitiateChatForCase
  
  • Description:  Grants permission to initiate a chat for a case
  • Access:  Write
• InitiateServiceRegistration
  
  • Description:  Grants permission to initiate OAuth flow
  • Access:  Read
• InvokeAgent
  
  • Description:  Grants permission to invoke an agent
  • Access:  Write
• ListAgentSpaces
  
  • Description:  Grants permission to list agentspace
  • Access:  List
• ListAssociations
  
  • Description:  Grants permission to list associations
  • Access:  List
• ListBacklogTasks
  
  • Description:  Grants permission to list backlog tasks
  • Access:  List
• ListExecutions
  
  • Description:  Grants permission to list executions
  • Access:  List
• ListGoals
  
  • Description:  Grants permission to list goals
  • Access:  List
• ListJournalRecords
  
  • Description:  Grants permission to list journal records
  • Access:  List
• ListKnowledgeItems
  
  • Description:  Grants permission to list knowledge items
  • Access:  List
• ListPendingMessages
  
  • Description:  Grants permission to list pending messages
  • Access:  List
• ListRecommendations
  
  • Description:  Grants permission to list recommendations
  • Access:  List
• ListServices
  
  • Description:  Grants permission to list services
  • Access:  List
• ListWebhooks
  
  • Description:  Grants permission to list webhooks for association
  • Access:  List
  • Resources: 

    Name: AssociationResource

    Required: Yes

• RegisterService
  
  • Description:  Grants permission to register specific service
  • Access:  Write
  • Resources: 

    Name: ServiceResource

    Required: Yes

• SearchServiceAccessibleResource
  
  • Description:  Grants permission to look up a registered service accessible resources
  • Access:  Read
• SendChatMessage
  
  • Description:  Grants permission to invoke an agent
  • Access:  Write
• UpdateAgentSpace
  
  • Description:  Grants permission to update agentspace
  • Access:  Write
  • Resources: 

    Name: AgentSpaceResource

    Required: Yes

• UpdateAssociation
  
  • Description:  Grants permission to update association
  • Access:  Write
  • Resources: 

    Name: AssociationResource

    Required: Yes

• UpdateBacklogTask
  
  • Description:  Grants permission to update a task
  • Access:  Write
• UpdateKnowledgeItem
  
  • Description:  Grants permission to update a knowledge item
  • Access:  Write
• UpdateOperatorAppTeams
  
  • Description:  Grants permission to update the list of teams that the Operator App is enabled for
  • Access:  Write
  • Resources: 

    Name: AgentSpaceResource

    Required: Yes

• UpdateRecommendation
  
  • Description:  Grants permission to update a recommendation
  • Access:  Write

Resources

• AgentSpaceResource
  
  • Arn:  arn:${Partition}:aidevops:${Region}:${Account}:agentspace/${AgentSpaceId}
  • Conditions: 

    aidevops:AgentSpaceResourceAgentSpaceId

• AssociationResource
  
  • Arn:  arn:${Partition}:aidevops:${Region}:${Account}:agentspace/${AgentSpaceId}/associations/${AssociationId}
  • Conditions: 

    aidevops:AssociationResourceAgentSpaceId

    aidevops:AssociationResourceAssociationId

• ServiceResource
  
  • Arn:  arn:${Partition}:aidevops:${Region}:${Account}:service/${ServiceId}
  • Conditions: 

    aidevops:ServiceResourceServiceId

Conditions

• aidevops:AgentSpaceResourceAgentSpaceId
  
  • Description:  Filters access by unique identifier for an AgentSpace
  • Type:  String
• aidevops:AssociationResourceAgentSpaceId
  
  • Description:  Filters access by unique identifier for an AgentSpace
  • Type:  String
• aidevops:AssociationResourceAssociationId
  
  • Description:  Filters access by unique identifier for a service association within an AgentSpace
  • Type:  String
• aidevops:ServiceResourceServiceId
  
  • Description:  Filters access by unique identifier for a registered service
  • Type:  String