{
  "batchgetfindings": {
    "name": "BatchGetFindings",
    "description": "Grants permission to batch retrieve specific findings generated by CodeGuru Security",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "ScanName",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "createscan": {
    "name": "CreateScan",
    "description": "Grants permission to create a CodeGuru Security scan",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "ScanName",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:TagKeys",
      "aws:RequestTag/${TagKey}"
    ],
    "dependentActions": []
  },
  "createuploadurl": {
    "name": "CreateUploadUrl",
    "description": "Grants permission to generate a presigned url for uploading code archives",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "ScanName",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletescansbycategory": {
    "name": "DeleteScansByCategory",
    "isPermissionOnly": true,
    "description": "Grants permission to delete all the scans and related findings from CodeGuru Security by given category",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "getaccountconfiguration": {
    "name": "GetAccountConfiguration",
    "description": "Grants permission to retrieve the account level configurations",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "getfindings": {
    "name": "GetFindings",
    "description": "Grants permission to retrieve findings for a scan generated by CodeGuru Security",
    "accessLevel": "List",
    "resourceTypes": [
      {
        "name": "ScanName",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "getmetricssummary": {
    "name": "GetMetricsSummary",
    "description": "Grants permission to retrieve AWS accout level metrics summary generated by CodeGuru Security",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "getscan": {
    "name": "GetScan",
    "description": "Grants permission to retrieve CodeGuru Security scan metadata",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "ScanName",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:ResourceTag/${TagKey}"
    ],
    "dependentActions": []
  },
  "listfindings": {
    "name": "ListFindings",
    "isPermissionOnly": true,
    "description": "Grants permission to retrieve findings generated by CodeGuru Security",
    "accessLevel": "List",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "listfindingsmetrics": {
    "name": "ListFindingsMetrics",
    "description": "Grants permission to retrieve a list of account level findings metrics within a date range",
    "accessLevel": "List",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "listscans": {
    "name": "ListScans",
    "description": "Grants permission to retrieve list of CodeGuru Security scan metadata",
    "accessLevel": "List",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "listtagsforresource": {
    "name": "ListTagsForResource",
    "description": "Grants permission to retrieve a list of tags for a scan name ARN",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "ScanName",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:ResourceTag/${TagKey}"
    ],
    "dependentActions": []
  },
  "tagresource": {
    "name": "TagResource",
    "description": "Grants permission to add tags to a scan name ARN",
    "accessLevel": "Tagging",
    "resourceTypes": [
      {
        "name": "ScanName",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:TagKeys",
      "aws:RequestTag/${TagKey}"
    ],
    "dependentActions": []
  },
  "untagresource": {
    "name": "UntagResource",
    "description": "Grants permission to remove tags from a scan name ARN",
    "accessLevel": "Tagging",
    "resourceTypes": [
      {
        "name": "ScanName",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "updateaccountconfiguration": {
    "name": "UpdateAccountConfiguration",
    "description": "Grants permission to update the account level configurations",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  }
}