Iam-floyd

---

**New actions:**

- ec2:ModifyInstanceMaintenanceOptions
- events:CreateEndpoint
- events:DeleteEndpoint
- events:DescribeEndpoint
- events:ListEndpoints
- events:UpdateEndpoint
- fms:AssociateThirdPartyFirewall
- fms:DisassociateThirdPartyFirewall
- fms:GetThirdPartyFirewallAssociationStatus
- fms:ListThirdPartyFirewallFirewallPolicies
- iot:ListMetricValues
- lambda:CreateFunctionUrlConfig
- lambda:DeleteFunctionUrlConfig
- lambda:GetFunctionUrlConfig
- lambda:InvokeFunctionUrl
- lambda:ListFunctionUrlConfigs
- lambda:UpdateFunctionUrlConfig

**Updated action access level:**

- panorama:ListTagsForResource: List -> Read

**New resource types:**

- events:endpoint

**New condition keys:**

- events:EventBusArn
- lambda:FunctionUrlAuthType

---

:warning: **Removed actions:**

- cloudfront:CreateDistributionWithTags
- finspace:DeleteUser
- forecast:DescribeExplainablity
- sqlworkbench:GetKMSKey
- sqlworkbench:ListBuckets
- sqlworkbench:ListKMSKeyAliases
- sqlworkbench:ListKMSKeys

:warning: **Removed condition keys:**

- groundstation:configId
- groundstation:configType
- groundstation:contactId
- groundstation:dataflowEndpointGroupId
- groundstation:groundStationId
- groundstation:missionProfileId
- groundstation:satelliteId

:warning: **Removed resource types:**

- bugbust:ProfilingGroup
- bugbust:codereview
- iotdeviceadvisor:suitedefinition
- iotdeviceadvisor:suiterun

**New services:**

- amplifyuibuilder
- billingconductor
- codedeploy-commands-secure
- evidently
- gamesparks
- identity-sync
- iotfleetwise
- iotroborunner
- iottwinmaker
- rbin
- refactor-spaces
- rhelkb
- rum
- serviceextract
- sustainability
- tax
- workspaces-web

**New actions:**

- amplifybackend:CreateBackendStorage
- amplifybackend:DeleteBackendStorage
- amplifybackend:GetBackendStorage
- amplifybackend:ImportBackendStorage
- amplifybackend:ListS3Buckets
- amplifybackend:UpdateBackendStorage
- amplifyuibuilder:CreateComponent
- amplifyuibuilder:CreateTheme
- amplifyuibuilder:DeleteComponent
- amplifyuibuilder:DeleteTheme
- amplifyuibuilder:ExchangeCodeForToken
- amplifyuibuilder:ExportComponents
- amplifyuibuilder:ExportThemes
- amplifyuibuilder:GetComponent
- amplifyuibuilder:GetTheme
- amplifyuibuilder:ListComponents
- amplifyuibuilder:ListTagsForResource
- amplifyuibuilder:ListThemes
- amplifyuibuilder:RefreshToken
- amplifyuibuilder:TagResource
- amplifyuibuilder:UntagResource
- amplifyuibuilder:UpdateComponent
- amplifyuibuilder:UpdateTheme
- appconfig:GetLatestConfiguration
- appconfig:StartConfigurationSession
- appflow:DescribeConnector
- appflow:ListConnectors
- appflow:RegisterConnector
- appflow:UnRegisterConnector
- apprunner:CreateVpcConnector
- apprunner:DeleteVpcConnector
- apprunner:DescribeVpcConnector
- apprunner:ListVpcConnectors
- appstream:AssociateApplicationToEntitlement
- appstream:CreateEntitlement
- appstream:DeleteEntitlement
- appstream:DescribeEntitlements
- appstream:DisassociateApplicationFromEntitlement
- appstream:ListEntitledApplications
- appstream:UpdateEntitlement
- appsync:AssociateApi
- appsync:CreateDomainName
- appsync:DeleteDomainName
- appsync:DisassociateApi
- appsync:GetApiAssociation
- appsync:GetDomainName
- appsync:ListDomainNames
- appsync:UpdateDomainName
- athena:UpdateNamedQuery
- billingconductor:AssociateAccounts
- billingconductor:AssociatePricingRules
- billingconductor:BatchAssociateResourcesToCustomLineItem
- billingconductor:BatchDisassociateResourcesFromCustomLineItem
- billingconductor:CreateBillingGroup
- billingconductor:CreateCustomLineItem
- billingconductor:CreatePricingPlan
- billingconductor:CreatePricingRule
- billingconductor:DeleteBillingGroup
- billingconductor:DeleteCustomLineItem
- billingconductor:DeletePricingPlan
- billingconductor:DeletePricingRule
- billingconductor:DisassociateAccounts
- billingconductor:DisassociatePricingRules
- billingconductor:ListAccountAssociations
- billingconductor:ListBillingGroupCostReports
- billingconductor:ListBillingGroups
- billingconductor:ListCustomLineItems
- billingconductor:ListPricingPlans
- billingconductor:ListPricingPlansAssociatedWithPricingRule
- billingconductor:ListPricingRules
- billingconductor:ListPricingRulesAssociatedToPricingPlan
- billingconductor:ListResourcesAssociatedToCustomLineItem
- billingconductor:ListTagsResource
- billingconductor:TagResource
- billingconductor:UntagResource
- billingconductor:UpdateBillingGroup
- billingconductor:UpdateCustomLineItem
- billingconductor:UpdatePricingPlan
- billingconductor:UpdatePricingRule
- braket:CancelJob
- braket:CreateJob
- braket:GetJob
- braket:SearchJobs
- ce:ListTagsForResource
- ce:TagResource
- ce:UntagResource
- clouddirectory:GetAppliedSchemaVersion
- clouddirectory:UpgradeAppliedSchema
- clouddirectory:UpgradePublishedSchema
- cloudformation:DescribeChangeSetHooks
- cloudformation:RollbackStack
- cloudfront:CreateResponseHeadersPolicy
- cloudfront:DeleteResponseHeadersPolicy
- cloudfront:GetResponseHeadersPolicy
- cloudfront:GetResponseHeadersPolicyConfig
- cloudfront:ListDistributionsByResponseHeadersPolicyId
- cloudfront:ListResponseHeadersPolicies
- cloudfront:UpdateResponseHeadersPolicy
- cloudtrail:CancelQuery
- cloudtrail:CreateEventDataStore
- cloudtrail:DeleteEventDataStore
- cloudtrail:DescribeQuery
- cloudtrail:GetEventDataStore
- cloudtrail:GetQueryResults
- cloudtrail:ListEventDataStores
- cloudtrail:ListQueries
- cloudtrail:RestoreEventDataStore
- cloudtrail:StartQuery
- cloudtrail:UpdateEventDataStore
- codedeploy-commands-secure:GetDeploymentSpecification
- codedeploy-commands-secure:PollHostCommand
- codedeploy-commands-secure:PutHostCommandAcknowledgement
- codedeploy-commands-secure:PutHostCommandComplete
- cognito-idp:RevokeToken
- comprehend:DeleteResourcePolicy
- comprehend:DescribeResourcePolicy
- comprehend:DescribeTargetedSentimentDetectionJob
- comprehend:ImportModel
- comprehend:ListTargetedSentimentDetectionJobs
- comprehend:PutResourcePolicy
- comprehend:StartTargetedSentimentDetectionJob
- comprehend:StopTargetedSentimentDetectionJob
- comprehendmedical:DescribeSNOMEDCTInferenceJob
- comprehendmedical:InferSNOMEDCT
- comprehendmedical:ListSNOMEDCTInferenceJobs
- comprehendmedical:StartSNOMEDCTInferenceJob
- comprehendmedical:StopSNOMEDCTInferenceJob
- compute-optimizer:DeleteRecommendationPreferences
- compute-optimizer:GetEffectiveRecommendationPreferences
- compute-optimizer:GetRecommendationPreferences
- compute-optimizer:PutRecommendationPreferences
- connect:AssociateDefaultVocabulary
- connect:BatchAssociateAnalyticsDataSet
- connect:BatchDisassociateAnalyticsDataSet
- connect:CreateVocabulary
- connect:DeleteVocabulary
- connect:DescribeVocabulary
- connect:ListDefaultVocabularies
- connect:SearchVocabularies
- connect:StartContactStreaming
- connect:StopContactStreaming
- connect:UpdateContactFlowModuleContent
- dataexchange:RevokeRevision
- dataexchange:SendApiAsset
- datasync:CreateLocationFsxLustre
- datasync:CreateLocationHdfs
- datasync:DescribeLocationFsxLustre
- datasync:DescribeLocationHdfs
- datasync:UpdateLocationHdfs
- detective:DescribeOrganizationConfiguration
- detective:DisableOrganizationAdminAccount
- detective:EnableOrganizationAdminAccount
- detective:ListOrganizationAdminAccounts
- detective:UpdateOrganizationConfiguration
- devops-guru:DescribeEventSourcesConfig
- devops-guru:UpdateEventSourcesConfig
- ds:DescribeClientAuthenticationSettings
- ec2:AllocateIpamPoolCidr
- ec2:CreateCoipPoolPermission
- ec2:CreateIpam
- ec2:CreateIpamPool
- ec2:CreateIpamScope
- ec2:CreateLocalGatewayRouteTablePermission
- ec2:CreateNetworkInsightsAccessScope
- ec2:CreatePublicIpv4Pool
- ec2:DeleteCoipPoolPermission
- ec2:DeleteIpam
- ec2:DeleteIpamPool
- ec2:DeleteIpamScope
- ec2:DeleteLocalGatewayRouteTablePermission
- ec2:DeleteNetworkInsightsAccessScope
- ec2:DeleteNetworkInsightsAccessScopeAnalysis
- ec2:DeletePublicIpv4Pool
- ec2:DeleteResourcePolicy
- ec2:DeprovisionIpamPoolCidr
- ec2:DeprovisionPublicIpv4PoolCidr
- ec2:DescribeFastLaunchImages
- ec2:DescribeIpamPools
- ec2:DescribeIpamScopes
- ec2:DescribeIpams
- ec2:DescribeLocalGatewayRouteTablePermissions
- ec2:DescribeNetworkInsightsAccessScopeAnalyses
- ec2:DescribeNetworkInsightsAccessScopes
- ec2:DescribeSnapshotTierStatus
- ec2:DisableFastLaunch
- ec2:DisableIpamOrganizationAdminAccount
- ec2:EnableFastLaunch
- ec2:EnableIpamOrganizationAdminAccount
- ec2:GetInstanceTypesFromInstanceRequirements
- ec2:GetIpamAddressHistory
- ec2:GetIpamPoolAllocations
- ec2:GetIpamPoolCidrs
- ec2:GetIpamResourceCidrs
- ec2:GetNetworkInsightsAccessScopeAnalysisFindings
- ec2:GetNetworkInsightsAccessScopeContent
- ec2:GetResourcePolicy
- ec2:GetSpotPlacementScores
- ec2:ListImagesInRecycleBin
- ec2:ListSnapshotsInRecycleBin
- ec2:ModifyInstanceMaintenanceOptions
- ec2:ModifyIpam
- ec2:ModifyIpamPool
- ec2:ModifyIpamResourceCidr
- ec2:ModifyIpamScope
- ec2:ModifyPrivateDnsNameOptions
- ec2:ModifySnapshotTier
- ec2:ModifyVpcEndpointServicePayerResponsibility
- ec2:MoveByoipCidrToIpam
- ec2:ProvisionIpamPoolCidr
- ec2:ProvisionPublicIpv4PoolCidr
- ec2:PutResourcePolicy
- ec2:ReleaseIpamPoolAllocation
- ec2:RestoreImageFromRecycleBin
- ec2:RestoreSnapshotFromRecycleBin
- ec2:RestoreSnapshotTier
- ec2:StartNetworkInsightsAccessScopeAnalysis
- ecr:BatchGetRepositoryScanningConfiguration
- ecr:BatchImportUpstreamImage
- ecr:CreatePullThroughCacheRule
- ecr:DeletePullThroughCacheRule
- ecr:DescribePullThroughCacheRules
- ecr:GetRegistryScanningConfiguration
- ecr:PutRegistryScanningConfiguration
- eks:DeregisterCluster
- eks:RegisterCluster
- elasticfilesystem:CreateReplicationConfiguration
- elasticfilesystem:DeleteReplicationConfiguration
- elasticfilesystem:DescribeReplicationConfigurations
- elasticmapreduce:DeleteWorkspaceAccess
- elasticmapreduce:ListWorkspaceAccessIdentities
- elasticmapreduce:PutWorkspaceAccess
- elasticmapreduce:UpdateEditor
- es:DescribeDomainChangeProgress
- events:CreateEndpoint
- events:DeleteEndpoint
- events:DescribeEndpoint
- events:ListEndpoints
- events:UpdateEndpoint
- evidently:BatchEvaluateFeature
- evidently:CreateExperiment
- evidently:CreateFeature
- evidently:CreateLaunch
- evidently:CreateProject
- evidently:DeleteExperiment
- evidently:DeleteFeature
- evidently:DeleteLaunch
- evidently:DeleteProject
- evidently:EvaluateFeature
- evidently:GetExperiment
- evidently:GetExperimentResults
- evidently:GetFeature
- evidently:GetLaunch
- evidently:GetProject
- evidently:ListExperiments
- evidently:ListFeatures
- evidently:ListLaunches
- evidently:ListProjects
- evidently:ListTagsForResource
- evidently:PutProjectEvents
- evidently:StartExperiment
- evidently:StartLaunch
- evidently:StopExperiment
- evidently:StopLaunch
- evidently:TagResource
- evidently:UntagResource
- evidently:UpdateExperiment
- evidently:UpdateFeature
- evidently:UpdateLaunch
- evidently:UpdateProject
- evidently:UpdateProjectDataDelivery
- finspace:ResetUserPassword
- finspace:UpdateUser
- fis:GetTargetResourceType
- fis:ListTargetResourceTypes
- fms:AssociateThirdPartyFirewall
- fms:DisassociateThirdPartyFirewall
- fms:GetThirdPartyFirewallAssociationStatus
- fms:ListThirdPartyFirewallFirewallPolicies
- forecast:DescribeExplainability
- frauddetector:GetEventPredictionMetadata
- frauddetector:ListEventPredictions
- fsx:CreateDataRepositoryAssociation
- fsx:CreateSnapshot
- fsx:DeleteDataRepositoryAssociation
- fsx:DeleteSnapshot
- fsx:DescribeDataRepositoryAssociations
- fsx:DescribeSnapshots
- fsx:ReleaseFileSystemNfsV3Locks
- fsx:RestoreVolumeFromSnapshot
- fsx:UpdateDataRepositoryAssociation
- fsx:UpdateSnapshot
- gamesparks:CreateGame
- gamesparks:CreateSnapshot
- gamesparks:CreateStage
- gamesparks:DeleteGame
- gamesparks:DeleteStage
- gamesparks:DisconnectPlayer
- gamesparks:ExportSnapshot
- gamesparks:GetExtension
- gamesparks:GetExtensionVersion
- gamesparks:GetGame
- gamesparks:GetGameConfiguration
- gamesparks:GetGeneratedCodeJob
- gamesparks:GetPlayerConnectionStatus
- gamesparks:GetSnapshot
- gamesparks:GetStage
- gamesparks:GetStageDeployment
- gamesparks:ImportGameConfiguration
- gamesparks:InvokeBackend
- gamesparks:ListExtensionVersions
- gamesparks:ListExtensions
- gamesparks:ListGames
- gamesparks:ListGeneratedCodeJobs
- gamesparks:ListSnapshots
- gamesparks:ListStageDeployments
- gamesparks:ListStages
- gamesparks:ListTagsForResource
- gamesparks:StartGeneratedCodeJob
- gamesparks:StartStageDeployment
- gamesparks:TagResource
- gamesparks:UntagResource
- gamesparks:UpdateGame
- gamesparks:UpdateGameConfiguration
- gamesparks:UpdateSnapshot
- gamesparks:UpdateStage
- geo:CalculateRouteMatrix
- geo:SearchPlaceIndexForSuggestions
- geo:UpdateMap
- geo:UpdatePlaceIndex
- geo:UpdateRouteCalculator
- glue:BatchGetBlueprints
- glue:BatchUpdatePartition
- glue:CancelStatement
- glue:CreateBlueprint
- glue:CreatePartitionIndex
- glue:CreateSession
- glue:DeleteBlueprint
- glue:DeleteColumnStatisticsForPartition
- glue:DeleteColumnStatisticsForTable
- glue:DeletePartitionIndex
- glue:DeleteSession
- glue:GetBlueprint
- glue:GetBlueprintRun
- glue:GetBlueprintRuns
- glue:GetColumnStatisticsForPartition
- glue:GetColumnStatisticsForTable
- glue:GetPartitionIndexes
- glue:GetSession
- glue:GetStatement
- glue:ListBlueprints
- glue:ListSessions
- glue:ListStatements
- glue:RunStatement
- glue:StartBlueprintRun
- glue:StopSession
- glue:UpdateBlueprint
- glue:UpdateColumnStatisticsForPartition
- glue:UpdateColumnStatisticsForTable
- grafana:ListTagsForResource
- grafana:TagResource
- grafana:UntagResource
- honeycode:DeleteDomains
- honeycode:ListTagsForResource
- honeycode:TagResource
- honeycode:UntagResource
- identity-sync:CreateSyncFilter
- identity-sync:CreateSyncProfile
- identity-sync:CreateSyncTarget
- identity-sync:DeleteSyncFilter
- identity-sync:DeleteSyncProfile
- identity-sync:DeleteSyncTarget
- identity-sync:GetSyncProfile
- identity-sync:GetSyncTarget
- identity-sync:ListSyncFilters
- identity-sync:StartSync
- identity-sync:StopSync
- identity-sync:UpdateSyncTarget
- imagebuilder:ImportVmImage
- iot:ListMetricValues
- iot:PutVerificationStateOnViolation
- iotdeviceadvisor:GetEndpoint
- iotfleetwise:AssociateVehicle
- iotfleetwise:CreateCampaign
- iotfleetwise:CreateDecoderManifest
- iotfleetwise:CreateFleet
- iotfleetwise:CreateModelManifest
- iotfleetwise:CreateSignalCatalog
- iotfleetwise:CreateVehicle
- iotfleetwise:DeleteCampaign
- iotfleetwise:DeleteDecoderManifest
- iotfleetwise:DeleteFleet
- iotfleetwise:DeleteModelManifest
- iotfleetwise:DeleteSignalCatalog
- iotfleetwise:DeleteVehicle
- iotfleetwise:DisassociateVehicle
- iotfleetwise:GetCampaign
- iotfleetwise:GetDecoderManifest
- iotfleetwise:GetFleet
- iotfleetwise:GetModelManifest
- iotfleetwise:GetRegisterAccountStatus
- iotfleetwise:GetSignalCatalog
- iotfleetwise:GetVehicle
- iotfleetwise:GetVehicleStatus
- iotfleetwise:ImportDecoderManifest
- iotfleetwise:ImportSignalCatalog
- iotfleetwise:ListCampaigns
- iotfleetwise:ListDecoderManifestNetworkInterfaces
- iotfleetwise:ListDecoderManifestSignals
- iotfleetwise:ListDecoderManifests
- iotfleetwise:ListFleets
- iotfleetwise:ListFleetsForVehicle
- iotfleetwise:ListModelManifestNodes
- iotfleetwise:ListModelManifests
- iotfleetwise:ListSignalCatalogNodes
- iotfleetwise:ListSignalCatalogs
- iotfleetwise:ListVehicles
- iotfleetwise:ListVehiclesInFleet
- iotfleetwise:RegisterAccount
- iotfleetwise:UpdateCampaign
- iotfleetwise:UpdateDecoderManifest
- iotfleetwise:UpdateFleet
- iotfleetwise:UpdateModelManifest
- iotfleetwise:UpdateSignalCatalog
- iotfleetwise:UpdateVehicle
- iotroborunner:CreateAction
- iotroborunner:CreateActionTemplate
- iotroborunner:CreateActionTemplateDependency
- iotroborunner:CreateActivity
- iotroborunner:CreateActivityDependency
- iotroborunner:CreateDestination
- iotroborunner:CreateDestinationRelationship
- iotroborunner:CreateSite
- iotroborunner:CreateTask
- iotroborunner:CreateTaskDependency
- iotroborunner:CreateWorker
- iotroborunner:CreateWorkerFleet
- iotroborunner:DeleteAction
- iotroborunner:DeleteActionTemplate
- iotroborunner:DeleteActionTemplateDependency
- iotroborunner:DeleteActivity
- iotroborunner:DeleteActivityDependency
- iotroborunner:DeleteDestination
- iotroborunner:DeleteDestinationRelationship
- iotroborunner:DeleteSite
- iotroborunner:DeleteTask
- iotroborunner:DeleteTaskDependency
- iotroborunner:DeleteWorker
- iotroborunner:DeleteWorkerFleet
- iotroborunner:GetAction
- iotroborunner:GetActionTemplate
- iotroborunner:GetActivity
- iotroborunner:GetDestination
- iotroborunner:GetDestinationRelationship
- iotroborunner:GetSite
- iotroborunner:GetTask
- iotroborunner:GetWorker
- iotroborunner:GetWorkerFleet
- iotroborunner:ListActionTemplates
- iotroborunner:ListActions
- iotroborunner:ListActivities
- iotroborunner:ListDestinationRelationships
- iotroborunner:ListDestinations
- iotroborunner:ListSites
- iotroborunner:ListTasks
- iotroborunner:ListWorkerFleets
- iotroborunner:ListWorkers
- iotroborunner:UpdateActionState
- iotroborunner:UpdateActivity
- iotroborunner:UpdateDestination
- iotroborunner:UpdateSite
- iotroborunner:UpdateTask
- iotroborunner:UpdateWorker
- iotroborunner:UpdateWorkerFleet
- iottwinmaker:BatchPutPropertyValues
- iottwinmaker:CreateComponentType
- iottwinmaker:CreateEntity
- iottwinmaker:CreateScene
- iottwinmaker:CreateWorkspace
- iottwinmaker:DeleteComponentType
- iottwinmaker:DeleteEntity
- iottwinmaker:DeleteScene
- iottwinmaker:DeleteWorkspace
- iottwinmaker:GetComponentType
- iottwinmaker:GetEntity
- iottwinmaker:GetPropertyValue
- iottwinmaker:GetPropertyValueHistory
- iottwinmaker:GetScene
- iottwinmaker:GetWorkspace
- iottwinmaker:ListComponentTypes
- iottwinmaker:ListEntities
- iottwinmaker:ListScenes
- iottwinmaker:ListTagsForResource
- iottwinmaker:ListWorkspaces
- iottwinmaker:TagResource
- iottwinmaker:UntagResource
- iottwinmaker:UpdateComponentType
- iottwinmaker:UpdateEntity
- iottwinmaker:UpdateScene
- iottwinmaker:UpdateWorkspace
- iotwireless:DeleteQueuedMessages
- iotwireless:ListQueuedMessages
- kafka:CreateClusterV2
- kafka:DescribeClusterV2
- kafka:ListClustersV2
- kafkaconnect:DeleteCustomPlugin
- kendra:AssociateEntitiesToExperience
- kendra:AssociatePersonasToEntities
- kendra:CreateExperience
- kendra:DeleteExperience
- kendra:DescribeExperience
- kendra:DisassociateEntitiesFromExperience
- kendra:DisassociatePersonasFromEntities
- kendra:GetSnapshots
- kendra:ListEntityPersonas
- kendra:ListExperienceEntities
- kendra:ListExperiences
- kendra:UpdateExperience
- kinesis:UpdateStreamMode
- lakeformation:CancelTransaction
- lakeformation:CommitTransaction
- lakeformation:CreateDataCellsFilter
- lakeformation:DeleteDataCellsFilter
- lakeformation:DeleteObjectsOnCancel
- lakeformation:DescribeTransaction
- lakeformation:ExtendTransaction
- lakeformation:GetQueryState
- lakeformation:GetQueryStatistics
- lakeformation:GetTableObjects
- lakeformation:GetWorkUnitResults
- lakeformation:GetWorkUnits
- lakeformation:ListDataCellsFilter
- lakeformation:ListTableStorageOptimizers
- lakeformation:ListTransactions
- lakeformation:StartQueryPlanning
- lakeformation:StartTransaction
- lakeformation:UpdateTableObjects
- lakeformation:UpdateTableStorageOptimizer
- lambda:CreateFunctionUrlConfig
- lambda:DeleteFunctionUrlConfig
- lambda:GetFunctionUrlConfig
- lambda:InvokeFunctionUrl
- lambda:ListFunctionUrlConfigs
- lambda:UpdateFunctionUrlConfig
- lex:CreateCustomVocabulary
- lex:DeleteCustomVocabulary
- lex:DescribeBotRecommendation
- lex:DescribeCustomVocabulary
- lex:DescribeCustomVocabularyMetadata
- lex:ListBotRecommendations
- lex:ListRecommendedIntents
- lex:SearchAssociatedTranscripts
- lex:StartBotRecommendation
- lex:UpdateBotRecommendation
- lex:UpdateCustomVocabulary
- lookoutmetrics:DeactivateAnomalyDetector
- lookoutmetrics:ListAnomalyGroupRelatedMetrics
- lookoutvision:DescribeModelPackagingJob
- lookoutvision:ListModelPackagingJobs
- lookoutvision:StartModelPackagingJob
- medialive:ClaimDevice
- mediatailor:ConfigureLogsForPlaybackConfiguration
- mediatailor:CreatePrefetchSchedule
- mediatailor:DeletePrefetchSchedule
- mediatailor:GetPrefetchSchedule
- mediatailor:ListPrefetchSchedules
- mobiletargeting:CreateInAppTemplate
- mobiletargeting:DeleteInAppTemplate
- mobiletargeting:GetInAppTemplate
- mobiletargeting:SendOTPMessage
- mobiletargeting:UpdateInAppTemplate
- mobiletargeting:VerifyOTPMessage
- network-firewall:DescribeRuleGroupMetadata
- networkmanager:AcceptAttachment
- networkmanager:AssociateConnectPeer
- networkmanager:CreateConnectAttachment
- networkmanager:CreateConnectPeer
- networkmanager:CreateCoreNetwork
- networkmanager:CreateSiteToSiteVpnAttachment
- networkmanager:CreateVpcAttachment
- networkmanager:DeleteAttachment
- networkmanager:DeleteConnectPeer
- networkmanager:DeleteCoreNetwork
- networkmanager:DeleteCoreNetworkPolicyVersion
- networkmanager:DeleteResourcePolicy
- networkmanager:DisassociateConnectPeer
- networkmanager:ExecuteCoreNetworkChangeSet
- networkmanager:GetConnectAttachment
- networkmanager:GetConnectPeer
- networkmanager:GetConnectPeerAssociations
- networkmanager:GetCoreNetwork
- networkmanager:GetCoreNetworkChangeSet
- networkmanager:GetCoreNetworkPolicy
- networkmanager:GetResourcePolicy
- networkmanager:GetSiteToSiteVpnAttachment
- networkmanager:GetVpcAttachment
- networkmanager:ListAttachments
- networkmanager:ListConnectPeers
- networkmanager:ListCoreNetworkPolicyVersions
- networkmanager:ListCoreNetworks
- networkmanager:PutCoreNetworkPolicy
- networkmanager:PutResourcePolicy
- networkmanager:RejectAttachment
- networkmanager:RestoreCoreNetworkPolicyVersion
- networkmanager:UpdateCoreNetwork
- networkmanager:UpdateVpcAttachment
- organizations:CloseAccount
- outposts:CancelOrder
- outposts:CreatePrivateConnectivityConfig
- outposts:CreateSite
- outposts:GetCatalogItem
- outposts:GetOrder
- outposts:GetPrivateConnectivityConfig
- outposts:GetSite
- outposts:GetSiteAddress
- outposts:ListCatalogItems
- outposts:ListOrders
- outposts:UpdateOutpost
- outposts:UpdateSite
- outposts:UpdateSiteAddress
- outposts:UpdateSiteRackPhysicalProperties
- personalize:CreateBatchSegmentJob
- personalize:CreateRecommender
- personalize:DeleteRecommender
- personalize:DescribeBatchSegmentJob
- personalize:DescribeRecommender
- personalize:ListBatchSegmentJobs
- personalize:ListRecommenders
- personalize:UpdateRecommender
- pi:GetResourceMetadata
- pi:ListAvailableResourceDimensions
- pi:ListAvailableResourceMetrics
- profile:CreateIntegrationWorkflow
- profile:DeleteWorkflow
- profile:GetWorkflow
- profile:GetWorkflowSteps
- profile:ListWorkflows
- proton:CreateRepository
- proton:CreateTemplateSyncConfig
- proton:DeleteRepository
- proton:DeleteTemplateSyncConfig
- proton:GetRepository
- proton:GetRepositorySyncStatus
- proton:GetTemplateSyncConfig
- proton:GetTemplateSyncStatus
- proton:ListEnvironmentOutputs
- proton:ListEnvironmentProvisionedResources
- proton:ListRepositories
- proton:ListRepositorySyncDefinitions
- proton:ListServiceInstanceOutputs
- proton:ListServiceInstanceProvisionedResources
- proton:ListServicePipelineOutputs
- proton:ListServicePipelineProvisionedResources
- proton:NotifyResourceDeploymentStatusChange
- proton:UpdateRepository
- proton:UpdateTemplateSyncConfig
- quicksight:AccountConfigurations
- quicksight:DescribeGroupMembership
- quicksight:ScopeDownPolicy
- quicksight:SearchGroups
- ram:ListPermissionVersions
- rbin:CreateRule
- rbin:DeleteRule
- rbin:GetRule
- rbin:ListRules
- rbin:ListTagsForResource
- rbin:TagResource
- rbin:UntagResource
- rbin:UpdateRule
- redshift:AddPartner
- redshift:AuthorizeEndpointAccess
- redshift:CreateAuthenticationProfile
- redshift:CreateEndpointAccess
- redshift:DeleteAuthenticationProfile
- redshift:DeleteEndpointAccess
- redshift:DeletePartner
- redshift:DescribeAuthenticationProfiles
- redshift:DescribeEndpointAccess
- redshift:DescribeEndpointAuthorization
- redshift:DescribePartners
- redshift:DescribeReservedNodeExchangeStatus
- redshift:GetReservedNodeExchangeConfigurationOptions
- redshift:ModifyAuthenticationProfile
- redshift:ModifyEndpointAccess
- redshift:RevokeEndpointAccess
- redshift:UpdatePartnerStatus
- refactor-spaces:CreateApplication
- refactor-spaces:CreateEnvironment
- refactor-spaces:CreateRoute
- refactor-spaces:CreateService
- refactor-spaces:DeleteApplication
- refactor-spaces:DeleteEnvironment
- refactor-spaces:DeleteResourcePolicy
- refactor-spaces:DeleteRoute
- refactor-spaces:DeleteService
- refactor-spaces:GetApplication
- refactor-spaces:GetEnvironment
- refactor-spaces:GetResourcePolicy
- refactor-spaces:GetRoute
- refactor-spaces:GetService
- refactor-spaces:ListApplications
- refactor-spaces:ListEnvironmentVpcs
- refactor-spaces:ListEnvironments
- refactor-spaces:ListRoutes
- refactor-spaces:ListServices
- refactor-spaces:ListTagsForResource
- refactor-spaces:PutResourcePolicy
- refactor-spaces:TagResource
- refactor-spaces:UntagResource
- rhelkb:GetRhelURL
- route53-recovery-cluster:ListRoutingControls
- route53-recovery-control-config:ListTagsForResource
- route53-recovery-control-config:TagResource
- route53-recovery-control-config:UntagResource
- route53domains:DeleteDomain
- route53domains:ListPrices
- rum:CreateAppMonitor
- rum:DeleteAppMonitor
- rum:GetAppMonitor
- rum:GetAppMonitorData
- rum:ListAppMonitors
- rum:ListTagsForResource
- rum:PutRumEvents
- rum:TagResource
- rum:UntagResource
- rum:UpdateAppMonitor
- s3-outposts:ListSharedEndpoints
- s3:GetObjectAttributes
- s3:GetObjectVersionAttributes
- s3:InitiateReplication
- s3:PutAccessPointPublicAccessBlock
- sagemaker:CreateInferenceRecommendationsJob
- sagemaker:CreateLineageGroupPolicy
- sagemaker:CreateStudioLifecycleConfig
- sagemaker:DeleteLineageGroupPolicy
- sagemaker:DeleteStudioLifecycleConfig
- sagemaker:DescribeInferenceRecommendationsJob
- sagemaker:DescribeLineageGroup
- sagemaker:DescribeStudioLifecycleConfig
- sagemaker:GetLineageGroupPolicy
- sagemaker:ListInferenceRecommendationsJobs
- sagemaker:ListLineageGroups
- sagemaker:ListModelMetadata
- sagemaker:ListStudioLifecycleConfigs
- sagemaker:PutLineageGroupPolicy
- sagemaker:QueryLineage
- sagemaker:RetryPipelineExecution
- sagemaker:StopInferenceRecommendationsJob
- securityhub:BatchGetStandardsControlAssociations
- securityhub:BatchUpdateStandardsControlAssociations
- securityhub:ListSecurityControlDefinitions
- serviceextract:GetConfig
- shield:DisableApplicationLayerAutomaticResponse
- shield:EnableApplicationLayerAutomaticResponse
- shield:UpdateApplicationLayerAutomaticResponse
- sms-voice:AssociateOriginationIdentity
- sms-voice:CreateEventDestination
- sms-voice:CreateOptOutList
- sms-voice:CreatePool
- sms-voice:DeleteDefaultMessageType
- sms-voice:DeleteDefaultSenderId
- sms-voice:DeleteEventDestination
- sms-voice:DeleteKeyword
- sms-voice:DeleteOptOutList
- sms-voice:DeleteOptedOutNumber
- sms-voice:DeletePool
- sms-voice:DeleteTextMessageSpendLimitOverride
- sms-voice:DeleteVoiceMessageSpendLimitOverride
- sms-voice:DescribeAccountAttributes
- sms-voice:DescribeAccountLimits
- sms-voice:DescribeConfigurationSets
- sms-voice:DescribeKeywords
- sms-voice:DescribeOptOutLists
- sms-voice:DescribeOptedOutNumbers
- sms-voice:DescribePhoneNumbers
- sms-voice:DescribePools
- sms-voice:DescribeSenderIds
- sms-voice:DescribeSpendLimits
- sms-voice:DisassociateOriginationIdentity
- sms-voice:ListPoolOriginationIdentities
- sms-voice:ListTagsForResource
- sms-voice:PutKeyword
- sms-voice:PutOptedOutNumber
- sms-voice:ReleasePhoneNumber
- sms-voice:RequestPhoneNumber
- sms-voice:SendTextMessage
- sms-voice:SetDefaultMessageType
- sms-voice:SetDefaultSenderId
- sms-voice:SetTextMessageSpendLimitOverride
- sms-voice:SetVoiceMessageSpendLimitOverride
- sms-voice:TagResource
- sms-voice:UntagResource
- sms-voice:UpdateEventDestination
- sms-voice:UpdatePhoneNumber
- sms-voice:UpdatePool
- sqlworkbench:ListTaggedResources
- ssm:RegisterManagedInstance
- ssm:UnlabelParameterVersion
- storagegateway:UpdateSMBLocalGroups
- sustainability:GetCarbonFootprintSummary
- tax:GetExemptions
- tax:UpdateExemptions
- textract:AnalyzeID
- timestream:CreateScheduledQuery
- timestream:DeleteScheduledQuery
- timestream:DescribeScheduledQuery
- timestream:ExecuteScheduledQuery
- timestream:ListScheduledQueries
- timestream:PrepareQuery
- timestream:UpdateScheduledQuery
- transcribe:ListTagsForResource
- transcribe:TagResource
- transcribe:UntagResource
- trustedadvisor:DescribeRisk
- trustedadvisor:DescribeRiskResources
- trustedadvisor:DescribeRisks
- trustedadvisor:DownloadRisk
- trustedadvisor:UpdateRiskStatus
- wafv2:GenerateMobileSdkReleaseUrl
- wafv2:GetMobileSdkRelease
- wafv2:ListAvailableManagedRuleGroupVersions
- wafv2:ListMobileSdkReleases
- wellarchitected:CreateLensShare
- wellarchitected:CreateLensVersion
- wellarchitected:DeleteLens
- wellarchitected:DeleteLensShare
- wellarchitected:ExportLens
- wellarchitected:GetLens
- wellarchitected:ImportLens
- wellarchitected:ListLensShares
- workmail:DeleteEmailMonitoringConfiguration
- workmail:DescribeEmailMonitoringConfiguration
- workmail:PutEmailMonitoringConfiguration
- workspaces-web:AssociateBrowserSettings
- workspaces-web:AssociateNetworkSettings
- workspaces-web:AssociateTrustStore
- workspaces-web:AssociateUserSettings
- workspaces-web:CreateBrowserSettings
- workspaces-web:CreateIdentityProvider
- workspaces-web:CreateNetworkSettings
- workspaces-web:CreatePortal
- workspaces-web:CreateTrustStore
- workspaces-web:CreateUserSettings
- workspaces-web:DeleteBrowserSettings
- workspaces-web:DeleteIdentityProvider
- workspaces-web:DeleteNetworkSettings
- workspaces-web:DeletePortal
- workspaces-web:DeleteTrustStore
- workspaces-web:DeleteUserSettings
- workspaces-web:DisassociateBrowserSettings
- workspaces-web:DisassociateNetworkSettings
- workspaces-web:DisassociateTrustStore
- workspaces-web:DisassociateUserSettings
- workspaces-web:GetBrowserSettings
- workspaces-web:GetIdentityProvider
- workspaces-web:GetNetworkSettings
- workspaces-web:GetPortal
- workspaces-web:GetPortalServiceProviderMetadata
- workspaces-web:GetTrustStore
- workspaces-web:GetTrustStoreCertificate
- workspaces-web:GetUserSettings
- workspaces-web:ListBrowserSettings
- workspaces-web:ListIdentityProviders
- workspaces-web:ListNetworkSettings
- workspaces-web:ListPortals
- workspaces-web:ListTagsForResource
- workspaces-web:ListTrustStoreCertificates
- workspaces-web:ListTrustStores
- workspaces-web:ListUserSettings
- workspaces-web:TagResource
- workspaces-web:UntagResource
- workspaces-web:UpdateBrowserSettings
- workspaces-web:UpdateIdentityProvider
- workspaces-web:UpdateNetworkSettings
- workspaces-web:UpdatePortal
- workspaces-web:UpdateTrustStore
- workspaces-web:UpdateUserSettings
- workspaces:CreateConnectClientAddIn
- workspaces:DeleteClientBranding
- workspaces:DeleteConnectClientAddIn
- workspaces:DescribeClientBranding
- workspaces:DescribeConnectClientAddIns
- workspaces:ImportClientBranding
- workspaces:UpdateConnectClientAddIn

**Updated action access level:**

- aws-marketplace:ListChangeSets: Read -> List
- aws-marketplace:ListEntities: Read -> List
- ds:ConnectDirectory: Tagging -> Write
- ds:CreateDirectory: Tagging -> Write
- ds:CreateIdentityPoolDirectory: Tagging -> Write
- ds:CreateMicrosoftAD: Tagging -> Write
- geo:ListDevicePositions: List -> Read
- panorama:ListTagsForResource: List -> Read
- redshift:AuthorizeClusterSecurityGroupIngress: Permissions management -> Write
- redshift:RevokeClusterSecurityGroupIngress: Permissions management -> Write
- redshift:RotateEncryptionKey: Permissions management -> Write
- route53domains:ListTagsForDomain: List -> Read
- servicediscovery:ListInstances: List -> Read
- servicediscovery:ListNamespaces: List -> Read
- servicediscovery:ListServices: List -> Read
- servicediscovery:ListTagsForResource: List -> Read
- ssm:DescribePatchGroupState: Read -> List
- ssm:ListDocumentMetadataHistory: Read -> List
- ssm:ModifyDocumentPermission: Write -> Permissions management

**New resource types:**

- amplifybackend:storage
- amplifyuibuilder:ComponentResource
- amplifyuibuilder:ThemeResource
- appconfig:configuration
- appflow:connector
- apprunner:vpcconnector
- appsync:domain
- billingconductor:billingGroup
- billingconductor:customLineItem
- billingconductor:pricingPlan
- billingconductor:pricingRule
- braket:job
- ce:anomalymonitor
- ce:anomalysubscription
- ce:costcategory
- cloudfront:response-headers-policy
- cloudtrail:eventdatastore
- comprehend:targeted-sentiment-detection-job
- connect:vocabulary
- ec2:group
- ec2:ipam
- ec2:ipam-pool
- ec2:ipam-scope
- ec2:license-configuration
- ec2:network-insights-access-scope
- ec2:network-insights-access-scope-analysis
- ec2:subnet-cidr-reservation
- events:endpoint
- evidently:Experiment
- evidently:Feature
- evidently:Launch
- evidently:Project
- fsx:association
- fsx:snapshot
- gamesparks:game
- gamesparks:stage
- glue:blueprint
- glue:session
- identity-sync:SyncProfileResource
- identity-sync:SyncTargetResource
- iotdeviceadvisor:Suitedefinition
- iotdeviceadvisor:Suiterun
- iotfleetwise:campaign
- iotfleetwise:decodermanifest
- iotfleetwise:fleet
- iotfleetwise:modelmanifest
- iotfleetwise:signalcatalog
- iotfleetwise:vehicle
- iotroborunner:ActionResource
- iotroborunner:ActionTemplateResource
- iotroborunner:ActivityResource
- iotroborunner:DestinationRelationshipResource
- iotroborunner:DestinationResource
- iotroborunner:SiteResource
- iotroborunner:TaggingResource
- iotroborunner:TaskResource
- iotroborunner:WorkerFleetResource
- iotroborunner:WorkerResource
- iottwinmaker:componentType
- iottwinmaker:entity
- iottwinmaker:scene
- iottwinmaker:workspace
- kafka:configuration
- kafka:group
- kafka:topic
- kafka:transactional-id
- kendra:experience
- mediastore:folder
- mediastore:object
- mediatailor:prefetchSchedule
- networkmanager:attachment
- networkmanager:connect-peer
- networkmanager:core-network
- personalize:batchSegmentJob
- personalize:recommender
- proton:repository
- rbin:rule
- refactor-spaces:application
- refactor-spaces:environment
- refactor-spaces:route
- refactor-spaces:service
- rum:AppMonitorResource
- sagemaker:inference-recommendations-job
- sagemaker:lineage-group
- sagemaker:studio-lifecycle-config
- sms-voice:ConfigurationSet
- sms-voice:OptOutList
- sms-voice:PhoneNumber
- sms-voice:Pool
- sms-voice:SenderId
- timestream:scheduled-query
- transcribe:callanalyticscategory
- transcribe:callanalyticsjob
- transcribe:languagemodel
- transcribe:medicaltranscriptionjob
- transcribe:medicalvocabulary
- transcribe:transcriptionjob
- transcribe:vocabulary
- transcribe:vocabularyfilter
- wellarchitected:lens
- workspaces-web:browserSettings
- workspaces-web:networkSettings
- workspaces-web:portal
- workspaces-web:trustStore
- workspaces-web:userSettings

**New condition keys:**

- amplifyuibuilder:AppId
- amplifyuibuilder:ComponentsId
- amplifyuibuilder:EnvironmentName
- amplifyuibuilder:RequestTag/${TagKey}
- amplifyuibuilder:ResourceTag/${TagKey}
- amplifyuibuilder:TagKeys
- amplifyuibuilder:ThemesId
- apprunner:VpcConnectorArn
- billingconductor:RequestTag/${TagKey}
- billingconductor:ResourceTag/${TagKey}
- billingconductor:TagKeys
- ce:RequestTag/${TagKey}
- ce:ResourceTag/${TagKey}
- ce:TagKeys
- cloudtrail:RequestTag/${TagKey}
- cloudtrail:ResourceTag/${TagKey}
- cloudtrail:TagKeys
- compute-optimizer:ResourceType
- ec2:Add/group
- ec2:Add/userId
- ec2:Attribute
- ec2:DhcpOptionsID
- ec2:ImageID
- ec2:InsideTunnelIpv6Cidr
- ec2:InstanceAutoRecovery
- ec2:InstanceID
- ec2:InstanceMetadataTags
- ec2:InternetGatewayID
- ec2:Ipv4IpamPoolId
- ec2:Ipv6IpamPoolId
- ec2:NetworkAclID
- ec2:NetworkInterfaceID
- ec2:PlacementGroupName
- ec2:Remove/group
- ec2:Remove/userId
- ec2:ReplayWindowSizePackets
- ec2:RouteTableID
- ec2:SecurityGroupID
- ec2:SnapshotID
- ec2:SubnetID
- ec2:VolumeID
- ec2:VpcID
- ec2:VpcPeeringConnectionID
- events:EventBusArn
- evidently:RequestTag/${TagKey}
- evidently:ResourceTag/${TagKey}
- evidently:TagKeys
- fsx:ParentVolumeId
- gamesparks:RequestTag/${TagKey}
- gamesparks:ResourceTag/${TagKey}
- gamesparks:TagKeys
- grafana:RequestTag/${TagKey}
- grafana:ResourceTag/${TagKey}
- grafana:TagKeys
- groundstation:ConfigId
- groundstation:ConfigType
- groundstation:ContactId
- groundstation:DataflowEndpointGroupId
- groundstation:GroundStationId
- groundstation:MissionProfileId
- groundstation:SatelliteId
- imagebuilder:Ec2MetadataHttpTokens
- imagebuilder:StatusTopicArn
- iotfleetwise:UpdateToDecoderManifestArn
- iotfleetwise:UpdateToModelManifestArn
- iotroborunner:ActionResourceId
- iotroborunner:ActionTemplateResourceId
- iotroborunner:ActivityResourceId
- iotroborunner:DestinationRelationshipResourceId
- iotroborunner:DestinationResourceId
- iotroborunner:SiteResourceId
- iotroborunner:TaggingResourceTagKey
- iotroborunner:TaskResourceId
- iotroborunner:WorkerFleetResourceId
- iotroborunner:WorkerResourceId
- iottwinmaker:RequestTag/${TagKey}
- iottwinmaker:ResourceTag/${TagKey}
- iottwinmaker:TagKeys
- kms:EncryptionContext
- kms:RecipientAttestation
- kms:RequestTag/${TagKey}
- kms:TagKeys
- lambda:FunctionUrlAuthType
- mediastore:RequestTag/${TagKey}
- mediastore:ResourceTag/${TagKey}
- mediastore:TagKeys
- mgn:CreateAction
- networkmanager:subnetArns
- networkmanager:vpcArn
- networkmanager:vpnConnectionArn
- rbin:RequestTag/${TagKey}
- rbin:ResourceTag/${TagKey}
- rbin:TagKeys
- refactor-spaces:ApplicationCreatedByAccount
- refactor-spaces:CreatedByAccountIds
- refactor-spaces:RequestTag/${TagKey}
- refactor-spaces:ResourceTag/${TagKey}
- refactor-spaces:RouteCreatedByAccount
- refactor-spaces:ServiceCreatedByAccount
- refactor-spaces:SourcePath
- refactor-spaces:TagKeys
- route53-recovery-cluster:AllowSafetyRulesOverrides
- route53-recovery-control-config:RequestTag/${TagKey}
- route53-recovery-control-config:ResourceTag/${TagKey}
- route53-recovery-control-config:TagKeys
- rum:RequestTag/${TagKey}
- rum:ResourceTag/${TagKey}
- rum:TagKeys
- s3:x-amz-object-ownership
- secretsmanager:ModifyRotationRules
- secretsmanager:RotateImmediately
- sms-voice:RequestTag/${TagKey}
- sms-voice:ResourceTag/${TagKey}
- sms-voice:TagKeys
- sns:ResourceTag/${TagKey}
- ssm:DocumentCategories
- synthetics:Names
- synthetics:RequestTag/${TagKey}
- synthetics:TagKeys
- transcribe:OutputLocation
- transcribe:RequestTag/${TagKey}
- transcribe:ResourceTag/${TagKey}
- transcribe:TagKeys
- workspaces-web:RequestTag/${TagKey}
- workspaces-web:ResourceTag/${TagKey}
- workspaces-web:TagKeys

**New actions:**

- aws-portal:GetConsoleActionSetEnforced
- aws-portal:UpdateConsoleActionSetEnforced
- purchase-orders:GetConsoleActionSetEnforced
- purchase-orders:UpdateConsoleActionSetEnforced
- rekognition:CreateFaceLivenessSession
- rekognition:GetFaceLivenessSessionResults
- rekognition:StartFaceLivenessSession
- s3-outposts:GetObjectVersionForReplication
- s3-outposts:GetReplicationConfiguration
- s3-outposts:PutReplicationConfiguration
- s3-outposts:ReplicateDelete
- s3-outposts:ReplicateObject
- s3-outposts:ReplicateTags

**New actions:**

- quicksight:CreateRefreshSchedule
- quicksight:DeleteDataSetRefreshProperties
- quicksight:DeleteRefreshSchedule
- quicksight:DescribeDataSetRefreshProperties
- quicksight:DescribeRefreshSchedule
- quicksight:ListRefreshSchedules
- quicksight:PutDataSetRefreshProperties
- quicksight:UpdateRefreshSchedule

**New resource types:**

- quicksight:refreshschedule

:warning: **Removed services:**

- sumerian

:warning: **Removed actions:**

- sumerian:Login
- sumerian:ViewRelease

:warning: **Removed resource types:**

- sumerian:project

**New actions:**

- codecatalyst:ListTagsForResource
- codecatalyst:TagResource
- codecatalyst:UntagResource
- trustedadvisor:CreateEngagement
- trustedadvisor:CreateEngagementAttachment
- trustedadvisor:CreateEngagementCommunication
- trustedadvisor:GetEngagement
- trustedadvisor:GetEngagementAttachment
- trustedadvisor:GetEngagementType
- trustedadvisor:ListEngagementCommunications
- trustedadvisor:ListEngagementTypes
- trustedadvisor:ListEngagements
- trustedadvisor:UpdateEngagementStatus

**New actions:**

- iotwireless:DeregisterWirelessDevice
- ssm:UpdateInstanceAssociationStatus
- workdocs:SearchResources