| glue:BatchCreatePartition | Admin |
| glue:BatchDeleteConnection | Admin |
| glue:BatchDeletePartition | Admin |
| glue:BatchDeleteTable | Admin |
| glue:BatchDeleteTableVersion | Admin |
| glue:BatchUpdatePartition | Admin |
| glue:CreateBlueprint | Admin |
| glue:CreateClassifier | Admin |
| glue:CreateConnection | Admin |
| glue:CreateCrawler | Admin |
| glue:CreateDatabase | Admin |
| glue:CreateDevEndpoint | Admin |
| glue:CreateJob | Admin |
| glue:CreateMLTransform | Admin |
| glue:CreatePartition | Admin |
| glue:CreatePartitionIndex | Admin |
| glue:CreateRegistry | Admin |
| glue:CreateSchema | Admin |
| glue:CreateSecurityConfiguration | Admin |
| glue:CreateSession | Admin |
| glue:CreateTable | Admin |
| glue:CreateTrigger | Admin |
| glue:CreateUserDefinedFunction | Admin |
| glue:CreateWorkflow | Admin |
| glue:DeleteBlueprint | Admin |
| glue:DeleteClassifier | Admin |
| glue:DeleteColumnStatisticsForPartition | Admin |
| glue:DeleteColumnStatisticsForTable | Admin |
| glue:DeleteConnection | Admin |
| glue:DeleteCrawler | Admin |
| glue:DeleteDatabase | Admin |
| glue:DeleteDevEndpoint | Admin |
| glue:DeleteJob | Admin |
| glue:DeleteMLTransform | Admin |
| glue:DeletePartition | Admin |
| glue:DeletePartitionIndex | Admin |
| glue:DeleteRegistry | Admin |
| glue:DeleteResourcePolicy | Admin |
| glue:DeleteSchema | Admin |
| glue:DeleteSchemaVersions | Admin |
| glue:DeleteSecurityConfiguration | Admin |
| glue:DeleteSession | Admin |
| glue:DeleteTable | Admin |
| glue:DeleteTableVersion | Admin |
| glue:DeleteTrigger | Admin |
| glue:DeleteUserDefinedFunction | Admin |
| glue:DeleteWorkflow | Admin |
| glue:ImportCatalogToGlue | Admin |
| glue:PutDataCatalogEncryptionSettings | Admin |
| glue:PutResourcePolicy | Admin |
| glue:PutSchemaVersionMetadata | Admin |
| glue:PutWorkflowRunProperties | Admin |
| glue:RemoveSchemaVersionMetadata | Admin |
| glue:UpdateBlueprint | Admin |
| glue:UpdateClassifier | Admin |
| glue:UpdateColumnStatisticsForPartition | Admin |
| glue:UpdateColumnStatisticsForTable | Admin |
| glue:UpdateConnection | Admin |
| glue:UpdateCrawler | Admin |
| glue:UpdateDatabase | Admin |
| glue:UpdateDevEndpoint | Admin |
| glue:UpdateJob | Admin |
| glue:UpdateMLTransform | Admin |
| glue:UpdatePartition | Admin |
| glue:UpdateRegistry | Admin |
| glue:UpdateSchema | Admin |
| glue:UpdateTable | Admin |
| glue:UpdateTrigger | Admin |
| glue:UpdateUserDefinedFunction | Admin |
| glue:UpdateWorkflow | Admin |
| iam:PassRole | Admin |
| glue:BatchStopJobRun | Operator |
| glue:CancelMLTaskRun | Operator |
| glue:CancelStatement | Operator |
| glue:CheckSchemaVersionValidity | Operator |
| glue:CreateScript | Operator |
| glue:GetMapping | Operator |
| glue:NotifyEvent | Operator |
| glue:QuerySchemaVersionMetadata | Operator |
| glue:RegisterSchemaVersion | Operator |
| glue:ResetJobBookmark | Operator |
| glue:ResumeWorkflowRun | Operator |
| glue:RunStatement | Operator |
| glue:StartBlueprintRun | Operator |
| glue:StartCrawler | Operator |
| glue:StartCrawlerSchedule | Operator |
| glue:StartExportLabelsTaskRun | Operator |
| glue:StartImportLabelsTaskRun | Operator |
| glue:StartJobRun | Operator |
| glue:StartMLEvaluationTaskRun | Operator |
| glue:StartMLLabelingSetGenerationTaskRun | Operator |
| glue:StartTrigger | Operator |
| glue:StartWorkflowRun | Operator |
| glue:StopCrawler | Operator |
| glue:StopCrawlerSchedule | Operator |
| glue:StopSession | Operator |
| glue:StopTrigger | Operator |
| glue:StopWorkflowRun | Operator |
| glue:TagResource | Operator |
| glue:UntagResource | Operator |
| glue:UpdateCrawlerSchedule | Operator |
| glue:UseMLTransforms | Operator |
| cloudformation:DescribeStacks | Metadata |
| cloudformation:GetTemplateSummary | Metadata |
| ec2:DescribeInstances | Metadata |
| ec2:DescribeKeyPairs | Metadata |
| ec2:DescribeRouteTables | Metadata |
| ec2:DescribeSecurityGroups | Metadata |
| ec2:DescribeSubnets | Metadata |
| ec2:DescribeVpcAttribute | Metadata |
| ec2:DescribeVpcEndpoints | Metadata |
| ec2:DescribeVpcs | Metadata |
| glue:BatchGetBlueprints | Metadata |
| glue:BatchGetCrawlers | Metadata |
| glue:BatchGetDevEndpoints | Metadata |
| glue:BatchGetJobs | Metadata |
| glue:BatchGetPartition | Metadata |
| glue:BatchGetTriggers | Metadata |
| glue:BatchGetWorkflows | Metadata |
| glue:GetBlueprint | Metadata |
| glue:GetBlueprintRun | Metadata |
| glue:GetBlueprintRuns | Metadata |
| glue:GetCatalogImportStatus | Metadata |
| glue:GetClassifier | Metadata |
| glue:GetClassifiers | Metadata |
| glue:GetColumnStatisticsForPartition | Metadata |
| glue:GetColumnStatisticsForTable | Metadata |
| glue:GetConnection | Metadata |
| glue:GetConnections | Metadata |
| glue:GetCrawler | Metadata |
| glue:GetCrawlerMetrics | Metadata |
| glue:GetCrawlers | Metadata |
| glue:GetDataCatalogEncryptionSettings | Metadata |
| glue:GetDatabase | Metadata |
| glue:GetDatabases | Metadata |
| glue:GetDataflowGraph | Metadata |
| glue:GetDevEndpoint | Metadata |
| glue:GetDevEndpoints | Metadata |
| glue:GetJob | Metadata |
| glue:GetJobBookmark | Metadata |
| glue:GetJobRun | Metadata |
| glue:GetJobRuns | Metadata |
| glue:GetJobs | Metadata |
| glue:GetMLTaskRun | Metadata |
| glue:GetMLTaskRuns | Metadata |
| glue:GetMLTransform | Metadata |
| glue:GetMLTransforms | Metadata |
| glue:GetPartition | Metadata |
| glue:GetPartitionIndexes | Metadata |
| glue:GetPartitions | Metadata |
| glue:GetPlan | Metadata |
| glue:GetRegistry | Metadata |
| glue:GetResourcePolicies | Metadata |
| glue:GetResourcePolicy | Metadata |
| glue:GetSchema | Metadata |
| glue:GetSchemaByDefinition | Metadata |
| glue:GetSchemaVersion | Metadata |
| glue:GetSchemaVersionsDiff | Metadata |
| glue:GetSecurityConfiguration | Metadata |
| glue:GetSecurityConfigurations | Metadata |
| glue:GetSession | Metadata |
| glue:GetStatement | Metadata |
| glue:GetTable | Metadata |
| glue:GetTableVersion | Metadata |
| glue:GetTableVersions | Metadata |
| glue:GetTables | Metadata |
| glue:GetTags | Metadata |
| glue:GetTrigger | Metadata |
| glue:GetTriggers | Metadata |
| glue:GetUserDefinedFunction | Metadata |
| glue:GetUserDefinedFunctions | Metadata |
| glue:GetWorkflow | Metadata |
| glue:GetWorkflowRun | Metadata |
| glue:GetWorkflowRunProperties | Metadata |
| glue:GetWorkflowRuns | Metadata |
| glue:GetWorkflowRunsMetadata | Metadata |
| glue:ListBlueprints | Metadata |
| glue:ListCrawlers | Metadata |
| glue:ListDevEndpoints | Metadata |
| glue:ListJobs | Metadata |
| glue:ListMLTransforms | Metadata |
| glue:ListRegistries | Metadata |
| glue:ListSchemaVersions | Metadata |
| glue:ListSchemas | Metadata |
| glue:ListSessions | Metadata |
| glue:ListStatements | Metadata |
| glue:ListTriggers | Metadata |
| glue:ListWorkflows | Metadata |
| glue:SearchTables | Metadata |
| iam:GetRole | Metadata |
| iam:GetRolePolicy | Metadata |
| iam:ListRolePolicies | Metadata |
| iam:ListRoles | Metadata |
| kms:DescribeKey | Metadata |
| rds:DescribeDBInstances | Metadata |
| redshift:DescribeClusterSubnetGroups | Metadata |
| redshift:DescribeClusters | Metadata |
| s3:GetBucketAcl | Metadata |
| s3:ListAllMyBuckets | Metadata |
| s3:ListBucket | Metadata |
| sagemaker:DescribeNotebookInstance | Metadata |
| sagemaker:ListNotebookInstances | Metadata |
