% curl \
-s 'https://awspolicygen.s3.amazonaws.com/js/policies.js' \
| sed 's#app.PolicyEditorConfig=##' \
| jq -r '.serviceMap[]|.StringPrefix as $prefix|.Actions[] | "\($prefix):\(.)"' \
| sort -u
a2c:GetContainerizationJobDetails
a2c:GetDeploymentJobDetails
a2c:StartContainerizationJob
a2c:StartDeploymentJob
...
xray:TagResource
xray:UntagResource
xray:UpdateGroup
xray:UpdateSamplingRule
% cat aws-policies.sh
#!/bin/bash
regex=' '
[[ ! -z $1 ]] && {
regex="$1"
}
curl \
-s 'https://awspolicygen.s3.amazonaws.com/js/policies.js' \
| sed 's#app.PolicyEditorConfig=##' \
| jq -r '.serviceMap[]|.StringPrefix as $prefix|.Actions[] | "\($prefix):\(.)"' \
| sort -u \
| grep -E "$regex"
$ ./aws-policies.sh '.*AssumeRole.*' eks-auth:AssumeRoleForPodIdentity iam:UpdateAssumeRolePolicy sts:AssumeRole sts:AssumeRoleWithSAML sts:AssumeRoleWithWebIdentity