diff --git a/src/cfnlint/data/AdditionalSpecs/Policies.json b/src/cfnlint/data/AdditionalSpecs/Policies.json index fef8f52119..a19a79c2ba 100644 --- a/src/cfnlint/data/AdditionalSpecs/Policies.json +++ b/src/cfnlint/data/AdditionalSpecs/Policies.json @@ -2295,6 +2295,7 @@ "DeleteRepositoryLink", "DeleteSyncConfiguration", "GetConnection", + "GetConnectionToken", "GetHost", "GetIndividualAccessToken", "GetInstallationUrl", @@ -2520,6 +2521,7 @@ "DeleteRepositoryLink", "DeleteSyncConfiguration", "GetConnection", + "GetConnectionToken", "GetHost", "GetIndividualAccessToken", "GetInstallationUrl", @@ -4961,6 +4963,7 @@ "GetPlan", "GetQueries", "GetQuery", + "GetRecipeAction", "GetRegistry", "GetResourcePolicies", "GetResourcePolicy", @@ -5041,6 +5044,7 @@ "RunStatement", "SearchTables", "SendFeedback", + "SendRecipeAction", "StartBlueprintRun", "StartColumnStatisticsTaskRun", "StartCompletion", @@ -5281,12 +5285,14 @@ "ARNFormat": "arn:aws:healthlake:${Region}:${Account}:${ResourceType}/${ResourceName}", "ARNRegex": "^arn:aws:healthlake:.+:.+:.+", "Actions": [ + "CancelFHIRExportJobWithDelete", "CreateFHIRDatastore", "CreateResource", "DeleteFHIRDatastore", "DeleteResource", "DescribeFHIRDatastore", "DescribeFHIRExportJob", + "DescribeFHIRExportJobWithGet", "DescribeFHIRImportJob", "GetCapabilities", "ListFHIRDatastores", @@ -5298,6 +5304,7 @@ "SearchWithGet", "SearchWithPost", "StartFHIRExportJob", + "StartFHIRExportJobWithPost", "StartFHIRImportJob", "TagResource", "UntagResource", @@ -10271,6 +10278,7 @@ "ssm:AutoApprove", "ssm:DocumentCategories", "ssm:Overwrite", + "ssm:Policies", "ssm:Recursive", "ssm:SessionDocumentAccessCheck", "ssm:SourceInstanceARN", @@ -11530,6 +11538,7 @@ "CreateImageBuilderStreamingURL", "CreateStack", "CreateStreamingURL", + "CreateThemeForStack", "CreateUpdatedImage", "CreateUsageReportSubscription", "CreateUser", @@ -11543,6 +11552,7 @@ "DeleteImageBuilder", "DeleteImagePermissions", "DeleteStack", + "DeleteThemeForStack", "DeleteUsageReportSubscription", "DeleteUser", "DescribeAppBlockBuilderAppBlockAssociations", @@ -11558,6 +11568,7 @@ "DescribeImages", "DescribeSessions", "DescribeStacks", + "DescribeThemeForStack", "DescribeUsageReportSubscriptions", "DescribeUserStackAssociations", "DescribeUsers", @@ -11587,7 +11598,8 @@ "UpdateEntitlement", "UpdateFleet", "UpdateImagePermissions", - "UpdateStack" + "UpdateStack", + "UpdateThemeForStack" ], "HasResource": true, "StringPrefix": "appstream", @@ -11734,6 +11746,7 @@ "DeleteModelInvocationLoggingConfiguration", "DeletePrompt", "DeleteProvisionedModelThroughput", + "DeleteResourcePolicy", "DetectGeneratedContent", "DisassociateAgentKnowledgeBase", "GetAgent", @@ -11760,6 +11773,7 @@ "GetModelInvocationLoggingConfiguration", "GetPrompt", "GetProvisionedModelThroughput", + "GetResourcePolicy", "GetUseCaseForModelAccess", "InvokeAgent", "InvokeFlow", @@ -11792,6 +11806,7 @@ "PrepareFlow", "PutFoundationModelEntitlement", "PutModelInvocationLoggingConfiguration", + "PutResourcePolicy", "PutUseCaseForModelAccess", "Retrieve", "RetrieveAndGenerate", @@ -13838,6 +13853,7 @@ "CreateListingChangeSet", "CreateProject", "CreateProjectMembership", + "CreateProjectProfile", "CreateSubscriptionGrant", "CreateSubscriptionRequest", "CreateSubscriptionTarget", @@ -13861,6 +13877,7 @@ "DeleteListing", "DeleteProject", "DeleteProjectMembership", + "DeleteProjectProfile", "DeleteSubscriptionGrant", "DeleteSubscriptionRequest", "DeleteSubscriptionTarget", @@ -13891,6 +13908,7 @@ "GetListing", "GetMetadataGenerationRun", "GetProject", + "GetProjectProfile", "GetSubscription", "GetSubscriptionEligibility", "GetSubscriptionGrant", @@ -13920,6 +13938,7 @@ "ListNotifications", "ListPolicyGrants", "ListProjectMemberships", + "ListProjectProfiles", "ListProjects", "ListSubscriptionGrants", "ListSubscriptionRequests", @@ -13966,6 +13985,7 @@ "UpdateGlossaryTerm", "UpdateGroupProfile", "UpdateProject", + "UpdateProjectProfile", "UpdateSubscriptionGrantStatus", "UpdateSubscriptionRequest", "UpdateSubscriptionTarget", @@ -14309,6 +14329,7 @@ "CreateInstanceExportTask", "CreateInternetGateway", "CreateIpam", + "CreateIpamExternalResourceVerificationToken", "CreateIpamPool", "CreateIpamResourceDiscovery", "CreateIpamScope", @@ -14387,6 +14408,7 @@ "DeleteInstanceEventWindow", "DeleteInternetGateway", "DeleteIpam", + "DeleteIpamExternalResourceVerificationToken", "DeleteIpamPool", "DeleteIpamResourceDiscovery", "DeleteIpamScope", @@ -14513,6 +14535,7 @@ "DescribeInstances", "DescribeInternetGateways", "DescribeIpamByoasn", + "DescribeIpamExternalResourceVerificationTokens", "DescribeIpamPools", "DescribeIpamResourceDiscoveries", "DescribeIpamResourceDiscoveryAssociations", @@ -14892,6 +14915,7 @@ "ec2:ClientRootCertificateChainArn", "ec2:CloudwatchLogGroupArn", "ec2:CloudwatchLogStreamArn", + "ec2:CpuOptionsAmdSevSnp", "ec2:CreateAction", "ec2:DPDTimeoutSeconds", "ec2:DhcpOptionsID", @@ -17081,9 +17105,11 @@ "DeleteApplicationSnapshot", "DeleteApplicationVpcConfiguration", "DescribeApplication", + "DescribeApplicationOperation", "DescribeApplicationSnapshot", "DescribeApplicationVersion", "DiscoverInputSchema", + "ListApplicationOperations", "ListApplicationSnapshots", "ListApplicationVersions", "ListApplications", @@ -20480,11 +20506,13 @@ "DisassociateResourceFromProfile", "GetProfile", "GetProfileAssociation", + "GetProfilePolicy", "GetProfileResourceAssociation", "ListProfileAssociations", "ListProfileResourceAssociations", "ListProfiles", "ListTagsForResource", + "PutProfilePolicy", "TagResource", "UntagResource", "UpdateProfileResourceAssociation" diff --git a/src/cfnlint/data/CloudSpecs/eu-central-1.json b/src/cfnlint/data/CloudSpecs/eu-central-1.json index 9d5f03ca06..5e53a0c672 100644 --- a/src/cfnlint/data/CloudSpecs/eu-central-1.json +++ b/src/cfnlint/data/CloudSpecs/eu-central-1.json @@ -823,25 +823,37 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-confluencesourceconfiguration.html#cfn-bedrock-datasource-confluencesourceconfiguration-authtype", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration.AuthType" + } }, "CredentialsSecretArn": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-confluencesourceconfiguration.html#cfn-bedrock-datasource-confluencesourceconfiguration-credentialssecretarn", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration.CredentialsSecretArn" + } }, "HostType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-confluencesourceconfiguration.html#cfn-bedrock-datasource-confluencesourceconfiguration-hosttype", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration.HostType" + } }, "HostUrl": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-confluencesourceconfiguration.html#cfn-bedrock-datasource-confluencesourceconfiguration-hosturl", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration.HostUrl" + } } } }, @@ -858,7 +870,10 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-crawlfilterconfiguration.html#cfn-bedrock-datasource-crawlfilterconfiguration-type", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.CrawlFilterConfiguration.Type" + } } } }, @@ -916,7 +931,10 @@ "PrimitiveItemType": "String", "Required": false, "Type": "List", - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.PatternObjectFilter.ExclusionFilters" + } }, "InclusionFilters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-patternobjectfilter.html#cfn-bedrock-datasource-patternobjectfilter-inclusionfilters", @@ -924,13 +942,19 @@ "PrimitiveItemType": "String", "Required": false, "Type": "List", - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.PatternObjectFilter.InclusionFilters" + } }, "ObjectType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-patternobjectfilter.html#cfn-bedrock-datasource-patternobjectfilter-objecttype", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.PatternObjectFilter.ObjectType" + } } } }, @@ -983,19 +1007,28 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-salesforcesourceconfiguration.html#cfn-bedrock-datasource-salesforcesourceconfiguration-authtype", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.SalesforceSourceConfiguration.AuthType" + } }, "CredentialsSecretArn": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-salesforcesourceconfiguration.html#cfn-bedrock-datasource-salesforcesourceconfiguration-credentialssecretarn", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.SalesforceSourceConfiguration.CredentialsSecretArn" + } }, "HostUrl": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-salesforcesourceconfiguration.html#cfn-bedrock-datasource-salesforcesourceconfiguration-hosturl", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.SalesforceSourceConfiguration.HostUrl" + } } } }, @@ -1046,25 +1079,37 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-sharepointsourceconfiguration.html#cfn-bedrock-datasource-sharepointsourceconfiguration-authtype", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.SharePointSourceConfiguration.AuthType" + } }, "CredentialsSecretArn": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-sharepointsourceconfiguration.html#cfn-bedrock-datasource-sharepointsourceconfiguration-credentialssecretarn", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.SharePointSourceConfiguration.CredentialsSecretArn" + } }, "Domain": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-sharepointsourceconfiguration.html#cfn-bedrock-datasource-sharepointsourceconfiguration-domain", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.SharePointSourceConfiguration.Domain" + } }, "HostType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-sharepointsourceconfiguration.html#cfn-bedrock-datasource-sharepointsourceconfiguration-hosttype", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.SharePointSourceConfiguration.HostType" + } }, "SiteUrls": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-sharepointsourceconfiguration.html#cfn-bedrock-datasource-sharepointsourceconfiguration-siteurls", @@ -1072,13 +1117,19 @@ "PrimitiveItemType": "String", "Required": true, "Type": "List", - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.SharePointSourceConfiguration.SiteUrls" + } }, "TenantId": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-datasource-sharepointsourceconfiguration.html#cfn-bedrock-datasource-sharepointsourceconfiguration-tenantid", "PrimitiveType": "String", "Required": false, - "UpdateType": "Mutable" + "UpdateType": "Mutable", + "Value": { + "ValueType": "AWS::Bedrock::DataSource.SharePointSourceConfiguration.TenantId" + } } } }, @@ -9597,16 +9648,88 @@ "AWS::Bedrock::AgentAlias.AgentId": "CACHED", "AWS::Bedrock::AgentAlias.Description": "CACHED", "AWS::Bedrock::DataSource.ChunkingConfiguration.ChunkingStrategy": "CACHED", + "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration.AuthType": { + "AllowedValues": [ + "BASIC", + "OAUTH2_CLIENT_CREDENTIALS" + ] + }, + "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration.CredentialsSecretArn": { + "AllowedPatternRegex": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$" + }, + "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration.HostType": { + "AllowedValues": [ + "SAAS" + ] + }, + "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration.HostUrl": { + "AllowedPatternRegex": "^https://[A-Za-z0-9][^\\s]*$", + "StringMax": 2048, + "StringMin": 1 + }, + "AWS::Bedrock::DataSource.CrawlFilterConfiguration.Type": { + "AllowedValues": [ + "PATTERN" + ] + }, "AWS::Bedrock::DataSource.DataDeletionPolicy": "CACHED", "AWS::Bedrock::DataSource.DataSourceConfiguration.Type": "CACHED", "AWS::Bedrock::DataSource.Description": "CACHED", "AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration.OverlapPercentage": "CACHED", "AWS::Bedrock::DataSource.KnowledgeBaseId": "CACHED", "AWS::Bedrock::DataSource.Name": "CACHED", + "AWS::Bedrock::DataSource.PatternObjectFilter.ExclusionFilters": { + "StringMax": 1000, + "StringMin": 0 + }, + "AWS::Bedrock::DataSource.PatternObjectFilter.InclusionFilters": { + "StringMax": 1000, + "StringMin": 0 + }, + "AWS::Bedrock::DataSource.PatternObjectFilter.ObjectType": { + "StringMax": 50, + "StringMin": 1 + }, "AWS::Bedrock::DataSource.S3DataSourceConfiguration.BucketArn": "CACHED", "AWS::Bedrock::DataSource.S3DataSourceConfiguration.BucketOwnerAccountId": "CACHED", "AWS::Bedrock::DataSource.S3DataSourceConfiguration.InclusionPrefixes": "CACHED", + "AWS::Bedrock::DataSource.SalesforceSourceConfiguration.AuthType": { + "AllowedValues": [ + "OAUTH2_CLIENT_CREDENTIALS" + ] + }, + "AWS::Bedrock::DataSource.SalesforceSourceConfiguration.CredentialsSecretArn": { + "AllowedPatternRegex": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$" + }, + "AWS::Bedrock::DataSource.SalesforceSourceConfiguration.HostUrl": { + "AllowedPatternRegex": "^https://[A-Za-z0-9][^\\s]*$", + "StringMax": 2048, + "StringMin": 1 + }, "AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration.KmsKeyArn": "CACHED", + "AWS::Bedrock::DataSource.SharePointSourceConfiguration.AuthType": { + "AllowedValues": [ + "OAUTH2_CLIENT_CREDENTIALS" + ] + }, + "AWS::Bedrock::DataSource.SharePointSourceConfiguration.CredentialsSecretArn": { + "AllowedPatternRegex": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$" + }, + "AWS::Bedrock::DataSource.SharePointSourceConfiguration.Domain": { + "StringMax": 50, + "StringMin": 1 + }, + "AWS::Bedrock::DataSource.SharePointSourceConfiguration.HostType": { + "AllowedValues": [ + "ONLINE" + ] + }, + "AWS::Bedrock::DataSource.SharePointSourceConfiguration.SiteUrls": { + "AllowedPatternRegex": "^https://[A-Za-z0-9][^\\s]*$" + }, + "AWS::Bedrock::DataSource.SharePointSourceConfiguration.TenantId": { + "AllowedPatternRegex": "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$" + }, "AWS::Bedrock::Flow.CustomerEncryptionKeyArn": "CACHED", "AWS::Bedrock::Flow.DefinitionString": "CACHED", "AWS::Bedrock::Flow.Description": "CACHED", diff --git a/src/cfnlint/data/CloudSpecs/us-east-1.json b/src/cfnlint/data/CloudSpecs/us-east-1.json index d16d085130..9b06a8c190 100644 --- a/src/cfnlint/data/CloudSpecs/us-east-1.json +++ b/src/cfnlint/data/CloudSpecs/us-east-1.json @@ -252017,7 +252017,9 @@ "AWS::Bedrock::DataSource.ChunkingConfiguration.ChunkingStrategy": { "AllowedValues": [ "FIXED_SIZE", - "NONE" + "NONE", + "HIERARCHICAL", + "SEMANTIC" ] }, "AWS::Bedrock::DataSource.DataDeletionPolicy": { @@ -252028,7 +252030,11 @@ }, "AWS::Bedrock::DataSource.DataSourceConfiguration.Type": { "AllowedValues": [ - "S3" + "S3", + "CONFLUENCE", + "SALESFORCE", + "SHAREPOINT", + "WEB" ] }, "AWS::Bedrock::DataSource.Description": { @@ -261138,7 +261144,9 @@ "MONGODB", "NETWORK", "SALESFORCE", - "SFTP" + "SFTP", + "VIEW_VALIDATION_ATHENA", + "VIEW_VALIDATION_REDSHIFT" ] }, "AWS::Glue::Crawler.SchemaChangePolicy.DeleteBehavior": { @@ -287045,11 +287053,12 @@ "AllowedPatternRegex": "arn:(aws[a-zA-Z-]*)?:synthetics:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:\\d{12}:canary:[0-9a-z_\\-]" }, "AWS::SystemsManagerSAP::Application.ApplicationId": { - "AllowedPatternRegex": "[\\w\\d]{1,50}" + "AllowedPatternRegex": "[\\w\\d\\.-]{1,60}" }, "AWS::SystemsManagerSAP::Application.ApplicationType": { "AllowedValues": [ - "HANA" + "HANA", + "SAP_ABAP" ] }, "AWS::SystemsManagerSAP::Application.Credential.CredentialType": { @@ -287579,7 +287588,7 @@ "AWS::VpcLattice::AuthPolicy.ResourceIdentifier": { "AllowedPatternRegex": "^((((sn)|(svc))-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}))$", "StringMax": 200, - "StringMin": 21 + "StringMin": 17 }, "AWS::VpcLattice::Listener.FixedResponse.StatusCode": { "NumberMax": 599, diff --git a/src/cfnlint/data/Serverless/ManagedPolicies.json b/src/cfnlint/data/Serverless/ManagedPolicies.json index 084ffa30bd..778b7e069b 100644 --- a/src/cfnlint/data/Serverless/ManagedPolicies.json +++ b/src/cfnlint/data/Serverless/ManagedPolicies.json @@ -1024,6 +1024,7 @@ "AmazonWorkSpacesSecureBrowserReadOnly": "arn:aws:iam::aws:policy/AmazonWorkSpacesSecureBrowserReadOnly", "AmazonWorkSpacesSelfServiceAccess": "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess", "AmazonWorkSpacesServiceAccess": "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess", + "AmazonWorkSpacesThinClientFullAccess": "arn:aws:iam::aws:policy/AmazonWorkSpacesThinClientFullAccess", "AmazonWorkSpacesThinClientReadOnlyAccess": "arn:aws:iam::aws:policy/AmazonWorkSpacesThinClientReadOnlyAccess", "AmazonWorkSpacesWebReadOnly": "arn:aws:iam::aws:policy/AmazonWorkSpacesWebReadOnly", "AmazonWorkSpacesWebServiceRolePolicy": "arn:aws:iam::aws:policy/aws-service-role/AmazonWorkSpacesWebServiceRolePolicy",