{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "quicksight:DescribeAccountSettings",
                "quicksight:DescribeAccountSubscription",
                "quicksight:DescribeIpRestriction",
                "quicksight:ListUsers",
                "ram:GetResourcePolicies",
                "ram:GetResourceShares",
                "ram:ListPrincipals",
                "ram:ListResources",
                "rbin:GetRule",
                "rbin:ListRules",
                "rds:DescribeDBClusterParameterGroups",
                "rds:DescribeDBClusterParameters",
                "rds:DescribeDBClusterSnapshotAttributes",
                "rds:DescribeDBClusterSnapshots",
                "rds:DescribeDBClusters",
                "rds:DescribeDBEngineVersions",
                "rds:DescribeDBInstances",
                "rds:DescribeDBParameterGroups",
                "rds:DescribeDBParameters",
                "rds:DescribeDBProxies",
                "rds:DescribeDBSnapshotAttributes",
                "rds:DescribeDBSnapshots",
                "rds:DescribeEventSubscriptions",
                "rds:DescribeGlobalClusters",
                "rds:DescribeOptionGroups",
                "rds:DescribePendingMaintenanceActions",
                "rds:DescribeReservedDBInstances",
                "rds:ListTagsForResource",
                "redshift-serverless:ListNamespaces",
                "redshift-serverless:ListWorkgroups",
                "redshift:DescribeClusterParameterGroups",
                "redshift:DescribeClusterParameters",
                "redshift:DescribeClusterSnapshots",
                "redshift:DescribeClusterSubnetGroups",
                "redshift:DescribeClusters",
                "redshift:DescribeLoggingStatus",
                "redshift:DescribeTags",
                "route53:GetDNSSEC",
                "route53:GetHostedZone",
                "route53:ListGeoLocations",
                "route53:ListHealthChecks",
                "route53:ListHostedZones",
                "route53:ListHostedZonesByName",
                "route53:ListHostedZonesByVpc",
                "route53:ListQueryLoggingConfigs",
                "route53:ListResourceRecordSets",
                "route53:ListTagsForResource",
                "route53:ListTagsForResources",
                "route53:ListVPCAssociationAuthorizations",
                "route53domains:GetDomainDetail",
                "route53domains:ListDomains",
                "route53resolver:ListResolverQueryLogConfigAssociations",
                "route53resolver:ListResolverQueryLogConfigs",
                "s3:GetAccessPointPolicy",
                "s3:GetAccessPointPolicyStatus",
                "s3:GetAccountPublicAccessBlock",
                "s3:GetBucketAcl",
                "s3:GetBucketCORS",
                "s3:GetBucketLocation",
                "s3:GetBucketLogging",
                "s3:GetBucketNotification",
                "s3:GetBucketObjectLockConfiguration",
                "s3:GetBucketOwnershipControls",
                "s3:GetBucketPolicy",
                "s3:GetBucketPolicyStatus",
                "s3:GetBucketPublicAccessBlock",
                "s3:GetBucketTagging",
                "s3:GetBucketVersioning",
                "s3:GetBucketWebsite",
                "s3:GetEncryptionConfiguration",
                "s3:GetIntelligentTieringConfiguration",
                "s3:GetLifecycleConfiguration",
                "s3:GetMultiRegionAccessPointPolicy",
                "s3:GetMultiRegionAccessPointPolicyStatus",
                "s3:GetReplicationConfiguration",
                "s3:ListAccessPoints",
                "s3:ListAllMyBuckets",
                "s3:ListMultiRegionAccessPoints",
                "sagemaker:DescribeNotebookInstance",
                "sagemaker:DescribeTrainingJob",
                "sagemaker:ListNotebookInstances",
                "sagemaker:ListTags",
                "sagemaker:ListTrainingJobs",
                "savingsplans:DescribeSavingsPlans",
                "secretsmanager:DescribeSecret",
                "secretsmanager:GetResourcePolicy",
                "secretsmanager:ListSecrets",
                "securityhub:DescribeHub",
                "serverlessrepo:GetApplication",
                "serverlessrepo:GetApplicationPolicy",
                "serverlessrepo:ListApplications",
                "ses:DescribeConfigurationSet",
                "ses:DescribeReceiptRuleSet",
                "ses:GetIdentityDkimAttributes",
                "ses:GetIdentityMailFromDomainAttributes",
                "ses:GetIdentityNotificationAttributes",
                "ses:GetIdentityVerificationAttributes",
                "ses:ListConfigurationSets",
                "ses:ListIdentities",
                "ses:ListIdentityPolicies",
                "ses:ListReceiptRuleSets",
                "shield:DescribeAttack",
                "shield:DescribeEmergencyContactSettings",
                "shield:GetSubscriptionState",
                "shield:ListAttacks",
                "shield:ListProtections",
                "sns:GetSubscriptionAttributes",
                "sns:GetTopicAttributes",
                "sns:ListSubscriptions",
                "sns:ListTopics",
                "sqs:GetQueueAttributes",
                "sqs:ListQueueTags",
                "sqs:ListQueues",
                "ssm:DescribeAssociation",
                "ssm:DescribeDocument",
                "ssm:DescribeDocumentPermission",
                "ssm:DescribeInstanceInformation",
                "ssm:DescribeParameters",
                "ssm:GetDocument",
                "ssm:GetServiceSetting",
                "ssm:ListAssociations",
                "ssm:ListDocumentVersions",
                "ssm:ListDocuments",
                "states:DescribeStateMachine",
                "states:ListStateMachines",
                "storagegateway:DescribeGatewayInformation",
                "storagegateway:DescribeNFSFileShares",
                "storagegateway:DescribeSMBFileShares",
                "storagegateway:DescribeSMBSettings",
                "storagegateway:ListFileShares",
                "storagegateway:ListGateways",
                "sts:GetCallerIdentity",
                "support:DescribeTrustedAdvisorChecks",
                "support:DescribeTrustedAdvisorCheckResult",
                "support:RefreshTrustedAdvisorCheck",
                "tag:GetResources",
                "timestream:DescribeEndpoints",
                "timestream:ListDatabases",
                "timestream:ListTables",
                "transcribe:GetMedicalTranscriptionJob",
                "transcribe:GetTranscriptionJob",
                "transcribe:ListMedicalTranscriptionJobs",
                "transcribe:ListTranscriptionJobs",
                "transfer:DescribeServer",
                "transfer:DescribeUser",
                "transfer:ListServers",
                "transfer:ListUsers",
                "waf-regional:GetRule",
                "waf-regional:GetWebACL",
                "waf-regional:ListResourcesForWebACL",
                "waf-regional:ListRules",
                "waf-regional:ListWebACLs",
                "waf:GetChangeToken",
                "waf:GetRule",
                "waf:GetWebACL",
                "waf:ListLoggingConfigurations",
                "waf:ListRules",
                "waf:ListWebACLs",
                "wafv2:GetWebACL",
                "wafv2:ListLoggingConfigurations",
                "wafv2:ListResourcesForWebACL",
                "wafv2:ListWebACLs",
                "workspaces:DescribeTags",
                "workspaces:DescribeWorkspaceBundles",
                "workspaces:DescribeWorkspaceDirectories",
                "workspaces:DescribeWorkspaces",
                "workspaces:DescribeWorkspacesConnectionStatus"
            ],
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}