accounts:CreateAccount | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create an Account |
accounts:CreateAccountType | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create an Account Type |
accounts:DeleteAccountType | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete an Account Type |
accounts:DiscoverAccounts | ✔️ | ✔️ | ❌ | ❌ | Allows the token to discover AWS Accounts associated with the Organization |
accounts:OnboardAccounts | ✔️ | ✔️ | ❌ | ❌ | Allows the token to onboard AWS Accounts associated with the Organization |
accounts:ReadAccountTypes | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view Account Types |
accounts:ReadAccounts | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view Accounts |
accounts:UpdateAccount | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update an Account name, description and tags |
accounts:UpdateAccountType | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update an Account Type |
accounts:UpdateAccountTypeAccess | ✔️ | ✔️ | ❌ | ❌ | Allows the token to add an AWS role to an Account Type |
account:UpdateAccountTypeMembers | ✔️ | ✔️ | ❌ | ❌ | Allows the token to move accounts between Account Types |
account:UpdatePolicies | ✔️ | ✔️ | ❌ | ❌ | Allows the token to add or remove Policies from an Account Type |
alias:CheckAliasAvailability | ✔️ | ✔️ | ✔️ | | Allows token to check if a Customer Alias is already in use |
networking:CreateCIDRExclusion | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create a CIDR Exclusion |
networking:CreateCIDRRange | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create a CIDR Range |
networking:CreateDnsResolver | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create a DNS Resolver |
networking:CreateDnsRule | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create a DNS Rule |
networking:CreateDxAssociation | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create a DX Association between a Stax Networking Hub or Stax VPC and a Stax DX Gateway |
networking:CreateDxResource | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create a DX Resource, a DX Gateway and/or DX Vif |
networking:CreateHub | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create a Networking Hub |
networking:CreateVPC | ✔️ | ✔️ | ✔️ | ❌ | Allows the token to create a VPC |
networking:CreateVpnConnection | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create a VPN Connection between a Stax Networking Hub or Stax VPC and a Stax VPN Customer Gateway |
networking:CreateVpnCustomerGateway | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create a VPN Customer Gateway |
networking:DeleteCIDRExclusion | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a CIDR Exclusion |
networking:DeleteCIDRRange | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a CIDR Range |
networking:DeleteDnsResolver | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a DNS Resolver within a Stax Networking Hub |
networking:DeleteDnsRule | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a DNS Rule |
networking:DeleteDxAssociation | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a DX Association |
networking:DeleteDxGateway | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a DX Gateway |
networking:DeleteDxVif | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a DX Vif |
networking:DeleteHub | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a Networking Hub |
networking:DeleteVPC | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a VPC |
networking:DeleteVpnConnection | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a VPN Connection with a Stax VPN Customer Gateway |
networking:DeleteVpnCustomerGateway | ✔️ | ✔️ | ✔️ | ❌ | Allows the token to delete a Stax VPN Customer Gateway |
networking:ReadCIDRExclusions | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view CIDR Exclusions |
networking:ReadCIDRRange | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view CIDR Ranges |
networking:ReadDnsResolvers | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view DNS Resolvers for a Stax Networking Hub |
networking:ReadDnsRules | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view DNS Rules for Stax DNS Resolvers |
networking:ReadDxAssociations | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view DX Associations |
networking:ReadDxConnections | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view DX Connections within Accounts |
networking:ReadDxResources | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view DX Gateways |
networking:ReadDxVifStatus | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view DX Vifs |
networking:ReadHubs | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view Networking Hubs |
networking:ReadVPCs | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view VPCs |
networking:ReadVpnConnection | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view VPN Connections |
networking:ReadVpnConnectionStatus | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view the connectivity status of VPN Tunnels for VPN Connections |
networking:ReadVpnCustomerGateways | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view VPN Customer Gateways |
networking:UpdateCIDRExclusion | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update a CIDR Exclusion |
networking:UpdateCIDRRange | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update a CIDR Range |
networking:UpdateDnsResolver | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update a DNS Resolver |
networking:UpdateDnsRule | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update a DNS Rule |
networking:UpdateDxAssociation | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update a DX Association |
networking:UpdateDxVif | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update a DX Vif |
networking:UpdateHub | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update a Networking Hub |
networking:UpdateVPC | ✔️ | ✔️ | ✔️ | ❌ | Allows the token to update a VPC |
networking:UpdateVpnConnection | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update a VPN Connection |
networking:UpdateVpnCustomerGateway | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update a VPN Customer Gateway |
organisations:AttachPolicy | ✔️ | ✔️ | ❌ | ❌ | Allows the token to attach a Policy to an Organization |
organisations:CreatePolicy | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create a Policy |
organisations:DeletePolicy | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a Policy |
organisations:DetachPolicy | ✔️ | ✔️ | ❌ | ❌ | Allows the token to detach a Policy from an Organization |
organisations:ReadOrganisation | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view their Organization details |
organisations:ReadPolicies | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view Policies |
organisations:UpdatePolicy | ✔️ | ✔️ | ❌ | ❌ | Allows the token to update a Policy |
tasks:ReadTasks | ✔️ | ✔️ | ✔️ | | Allows the token to view the status of a task |
tasks:ReadTasksbyStatus | ✔️ | ✔️ | ✔️ | | Allows the token to view tasks by status |
teams:CreateAPIToken | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create an API Token |
teams:CreateGroup | ✔️ | ✔️ | ❌ | ❌ | Allows the token to create a Group |
teams:CreateUser | ✔️ | ✔️ | ❌ | ❌ | Allows the token to invite a new team member |
teams:DeleteAPIToken | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete an API Token |
teams:DeleteGroup | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a Group |
teams:DeleteUser | ✔️ | ✔️ | ❌ | ❌ | Allows the token to delete a team member |
teams:ReadAPITokens | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view API Tokens |
teams:ReadGroups | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view Groups |
teams:ReadUsers | ✔️ | ✔️ | ✔️ | ✔️ | Allows the token to view all team members |
teams:UpdateAPITokens | ✔️ | ✔️ | |