It's happened. It's finally here. No, I'm not talking about the next iPhone. I'm talking about programmatic access to the AWS IAM action list! Wait, what do you mean "I'm not excited about that"?! Get your priorities straight.
You can see the list in all it's raw JSON glory, starting from the endpoint https://servicereference.us-east-1.amazonaws.com/ and then navigate down to the service level, for example https://servicereference.us-east-1.amazonaws.com/v1/iam/iam.json for IAM.
Since forever, the gospel truth of what IAM actions there were, and what ARNs and conditions has been the Service Authorization Refernce. While an exhaustive resource, it's not the most navigable. The actions also didn't appear in the AWS IAM User Guide until recently, and now they do the PDF is over 3,000 pages.
Just saw the AWS IAM User Guide is now 3,220 pages long 🤯
— rowan (@elrowan) May 16, 2024
I'm sure it was only 1,200-ish when I was writing https://t.co/9fVsi3em2g last year! How has it more than doubled?!
IAM Dataset
In light of this, the amazing Ian Mckay did the needful 🙇 and created https://github.com/iann0036/iam-dataset - a JSON-based record of all the official sources of IAM actions and details. This project drives great tools such as https://github.com/iann0036/iamlive and https://www.localstack.cloud/.
The Programatic Service Reference
AWS has finally done the work to make the action list programmatically available to us, something you could argue they should've done in the first place, even before the official documentation!
At the moment it's just the action names, but I believe they have plans to include other information like condition keys, etc in the near future.
Putting it all together
Having the reference files is great, but rarely do I need to look at only one service. It's much more useful to have all the actions in the same file, but who has time to write all that code themselves? GenAI to the rescue!
262588213843476
This gives you a JSON with all the actions organised by service name. Note that there's key case inconsistencies (e.g. lowercase in the top level file, Capital case in the service-level files).