{ "url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsnetworkfirewall.html", "name": "AWS Network Firewall", "prefix": "network-firewall", "timestamp": "1772712006", "actions": [ { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AcceptNetworkFirewallTransitGatewayAttachment.html", "name": "AcceptNetworkFirewallTransitGatewayAttachment", "description": "Grants permission to accept pending Network Firewall attachments on a transit gateway", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AssociateAvailabilityZones.html", "name": "AssociateAvailabilityZones", "description": "Grants permission to associate availability zones to a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AssociateFirewallPolicy.html", "name": "AssociateFirewallPolicy", "description": "Grants permission to create an association between a firewall policy and a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true }, { "name": "FirewallPolicy", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AssociateSubnets.html", "name": "AssociateSubnets", "description": "Grants permission to associate VPC subnets to a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AttachRuleGroupsToProxyConfiguration.html", "name": "AttachRuleGroupsToProxyConfiguration", "description": "Grants permission to attach proxy rule groups to a proxy configuration", "access": "Write", "resources": [ { "name": "ProxyConfiguration", "is_required": true }, { "name": "ProxyRuleGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateFirewall.html", "name": "CreateFirewall", "description": "Grants permission to create an AWS Network Firewall firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true }, { "name": "FirewallPolicy", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [ "iam:CreateServiceLinkedRole" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateFirewallPolicy.html", "name": "CreateFirewallPolicy", "description": "Grants permission to create an AWS Network Firewall firewall policy", "access": "Write", "resources": [ { "name": "FirewallPolicy", "is_required": true }, { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false }, { "name": "TLSInspectionConfiguration", "is_required": false } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateProxy.html", "name": "CreateProxy", "description": "Grants permission to create an AWS Network Firewall proxy", "access": "Write", "resources": [ { "name": "Proxy", "is_required": true }, { "name": "ProxyConfiguration", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [ "ec2:AttachApplianceToNatGateway" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateProxyConfiguration.html", "name": "CreateProxyConfiguration", "description": "Grants permission to create an AWS Network Firewall proxy configuration", "access": "Write", "resources": [ { "name": "ProxyConfiguration", "is_required": true }, { "name": "ProxyRuleGroup", "is_required": false } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateProxyRuleGroup.html", "name": "CreateProxyRuleGroup", "description": "Grants permission to create an AWS Network Firewall proxy rule group", "access": "Write", "resources": [ { "name": "ProxyRuleGroup", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateProxyRules.html", "name": "CreateProxyRules", "description": "Grants permission to add proxy rules to a proxy rule group", "access": "Write", "resources": [ { "name": "ProxyRuleGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateRuleGroup.html", "name": "CreateRuleGroup", "description": "Grants permission to create an AWS Network Firewall rule group", "access": "Write", "resources": [ { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateTLSInspectionConfiguration.html", "name": "CreateTLSInspectionConfiguration", "description": "Grants permission to create an AWS Network Firewall tls inspection configuration", "access": "Write", "resources": [ { "name": "TLSInspectionConfiguration", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [ "iam:CreateServiceLinkedRole" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateVpcEndpointAssociation.html", "name": "CreateVpcEndpointAssociation", "description": "Grants permission to create an AWS Network Firewall vpc endpoint association", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true }, { "name": "VpcEndpointAssociation", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [ "iam:CreateServiceLinkedRole" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteFirewall.html", "name": "DeleteFirewall", "description": "Grants permission to delete a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteFirewallPolicy.html", "name": "DeleteFirewallPolicy", "description": "Grants permission to delete a firewall policy", "access": "Write", "resources": [ { "name": "FirewallPolicy", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteNetworkFirewallTransitGatewayAttachment.html", "name": "DeleteNetworkFirewallTransitGatewayAttachment", "description": "Grants permission to delete Network Firewall attachments on a transit gateway", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteProxy.html", "name": "DeleteProxy", "description": "Grants permission to delete a proxy", "access": "Write", "resources": [ { "name": "Proxy", "is_required": true } ], "conditions": [], "dependents": [ "ec2:DetachApplianceFromNatGateway" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteProxyConfiguration.html", "name": "DeleteProxyConfiguration", "description": "Grants permission to delete a proxy configuration", "access": "Write", "resources": [ { "name": "ProxyConfiguration", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteProxyRuleGroup.html", "name": "DeleteProxyRuleGroup", "description": "Grants permission to delete a proxy rule group", "access": "Write", "resources": [ { "name": "ProxyRuleGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteProxyRules.html", "name": "DeleteProxyRules", "description": "Grants permission to remove proxy rules from a proxy rule group", "access": "Write", "resources": [ { "name": "ProxyRuleGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteResourcePolicy.html", "name": "DeleteResourcePolicy", "description": "Grants permission to delete a resource policy for a firewall policy or rule group or firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": false }, { "name": "FirewallPolicy", "is_required": false }, { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteRuleGroup.html", "name": "DeleteRuleGroup", "description": "Grants permission to delete a rule group", "access": "Write", "resources": [ { "name": "StatefulRuleGroup", "is_required": true }, { "name": "StatelessRuleGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteTLSInspectionConfiguration.html", "name": "DeleteTLSInspectionConfiguration", "description": "Grants permission to delete a tls inspection configuration", "access": "Write", "resources": [ { "name": "TLSInspectionConfiguration", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteVpcEndpointAssociation.html", "name": "DeleteVpcEndpointAssociation", "description": "Grants permission to delete a vpc endpoint association", "access": "Write", "resources": [ { "name": "VpcEndpointAssociation", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFirewall.html", "name": "DescribeFirewall", "description": "Grants permission to retrieve the data objects that define a firewall", "access": "Read", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFirewallMetadata.html", "name": "DescribeFirewallMetadata", "description": "Grants permission to retrieve the high-level information about a firewall", "access": "Read", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFirewallPolicy.html", "name": "DescribeFirewallPolicy", "description": "Grants permission to retrieve the data objects that define a firewall policy", "access": "Read", "resources": [ { "name": "FirewallPolicy", "is_required": true }, { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false }, { "name": "TLSInspectionConfiguration", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFlowOperation.html", "name": "DescribeFlowOperation", "description": "Grants permission to describe a flow operation performed on a firewall", "access": "Read", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeLoggingConfiguration.html", "name": "DescribeLoggingConfiguration", "description": "Grants permission to describe the logging configuration of a firewall", "access": "Read", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [ "logs:GetLogDelivery", "logs:ListLogDeliveries" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeProxy.html", "name": "DescribeProxy", "description": "Grants permission to retrieve the data objects that define a proxy", "access": "Read", "resources": [ { "name": "Proxy", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeProxyConfiguration.html", "name": "DescribeProxyConfiguration", "description": "Grants permission to retrieve the data objects that define a proxy configuration", "access": "Read", "resources": [ { "name": "ProxyConfiguration", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeProxyRule.html", "name": "DescribeProxyRule", "description": "Grants permission to retrieve the data objects that define a proxy rule", "access": "Read", "resources": [ { "name": "ProxyRuleGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeProxyRuleGroup.html", "name": "DescribeProxyRuleGroup", "description": "Grants permission to retrieve the data objects that define a proxy rule group", "access": "Read", "resources": [ { "name": "ProxyRuleGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeResourcePolicy.html", "name": "DescribeResourcePolicy", "description": "Grants permission to describe a resource policy for a firewall policy or rule group or firewall", "access": "Read", "resources": [ { "name": "Firewall", "is_required": false }, { "name": "FirewallPolicy", "is_required": false }, { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html", "name": "DescribeRuleGroup", "description": "Grants permission to retrieve the data objects that define a rule group", "access": "Read", "resources": [ { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroupMetadata.html", "name": "DescribeRuleGroupMetadata", "description": "Grants permission to retrieve the high-level information about a rule group", "access": "Read", "resources": [ { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroupSummary.html", "name": "DescribeRuleGroupSummary", "description": "Grants permission to retrieve the summary information about a rule group", "access": "Read", "resources": [ { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeTLSInspectionConfiguration.html", "name": "DescribeTLSInspectionConfiguration", "description": "Grants permission to retrieve the data objects that define a tls inspection configuration", "access": "Read", "resources": [ { "name": "TLSInspectionConfiguration", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeVpcEndpointAssociation.html", "name": "DescribeVpcEndpointAssociation", "description": "Grants permission to retrieve the data objects that define a vpc endpoint association", "access": "Read", "resources": [ { "name": "VpcEndpointAssociation", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DetachRuleGroupsFromProxyConfiguration.html", "name": "DetachRuleGroupsFromProxyConfiguration", "description": "Grants permission to detach proxy rule groups from a proxy configuration", "access": "Write", "resources": [ { "name": "ProxyConfiguration", "is_required": true }, { "name": "ProxyRuleGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DisassociateAvailabilityZones.html", "name": "DisassociateAvailabilityZones", "description": "Grants permission to disassociate availability zones to a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DisassociateSubnets.html", "name": "DisassociateSubnets", "description": "Grants permission to disassociate VPC subnets from a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_GetAnalysisReportResults.html", "name": "GetAnalysisReportResults", "description": "Grants permission to retrieve analysis report results of a firewall", "access": "Read", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListAnalysisReports.html", "name": "ListAnalysisReports", "description": "Grants permission to list firewall analysis reports", "access": "List", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFirewallPolicies.html", "name": "ListFirewallPolicies", "description": "Grants permission to retrieve the metadata for firewall policies", "access": "List", "resources": [ { "name": "FirewallPolicy", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFirewalls.html", "name": "ListFirewalls", "description": "Grants permission to retrieve the metadata for firewalls", "access": "List", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFlowOperationResults.html", "name": "ListFlowOperationResults", "description": "Grants permission to list results from a flow operation performed on a firewall", "access": "Read", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFlowOperations.html", "name": "ListFlowOperations", "description": "Grants permission to list flow operations performed on a firewall", "access": "List", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListProxies.html", "name": "ListProxies", "description": "Grants permission to retrieve the metadata for proxies", "access": "List", "resources": [ { "name": "Proxy", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListProxyConfigurations.html", "name": "ListProxyConfigurations", "description": "Grants permission to retrieve the metadata for proxy configurations", "access": "List", "resources": [ { "name": "ProxyConfiguration", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListProxyRuleGroups.html", "name": "ListProxyRuleGroups", "description": "Grants permission to retrieve the metadata for proxy rule groups", "access": "List", "resources": [ { "name": "ProxyRuleGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListRuleGroups.html", "name": "ListRuleGroups", "description": "Grants permission to retrieve the metadata for rule groups", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListTLSInspectionConfigurations.html", "name": "ListTLSInspectionConfigurations", "description": "Grants permission to retrieve the metadata for tls inspection configurations", "access": "List", "resources": [ { "name": "TLSInspectionConfiguration", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListTagsForResource.html", "name": "ListTagsForResource", "description": "Grants permission to retrieve the tags for a resource", "access": "List", "resources": [ { "name": "Firewall", "is_required": true }, { "name": "FirewallPolicy", "is_required": true }, { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false }, { "name": "TLSInspectionConfiguration", "is_required": false }, { "name": "VpcEndpointAssociation", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListVpcEndpointAssociations.html", "name": "ListVpcEndpointAssociations", "description": "Grants permission to retrieve the metadata for vpc endpoint associations", "access": "List", "resources": [ { "name": "VpcEndpointAssociation", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_PutResourcePolicy.html", "name": "PutResourcePolicy", "description": "Grants permission to put a resource policy for a firewall policy or rule group or firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": false }, { "name": "FirewallPolicy", "is_required": false }, { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_RejectNetworkFirewallTransitGatewayAttachment.html", "name": "RejectNetworkFirewallTransitGatewayAttachment", "description": "Grants permission to reject pending Network Firewall attachments on a transit gateway", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_GetAnalysisReportResults.html", "name": "StartAnalysisReport", "description": "Grants permission to start an analysis report on a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_StartFlowCapture.html", "name": "StartFlowCapture", "description": "Grants permission to start capture operation on a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_StartFlowFlush.html", "name": "StartFlowFlush", "description": "Grants permission to start flush operation on a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_TagResource.html", "name": "TagResource", "description": "Grants permission to attach tags to a resource", "access": "Tagging", "resources": [ { "name": "Firewall", "is_required": false }, { "name": "FirewallPolicy", "is_required": false }, { "name": "Proxy", "is_required": false }, { "name": "ProxyConfiguration", "is_required": false }, { "name": "ProxyRuleGroup", "is_required": false }, { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false }, { "name": "TLSInspectionConfiguration", "is_required": false }, { "name": "VpcEndpointAssociation", "is_required": false } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UntagResource.html", "name": "UntagResource", "description": "Grants permission to remove tags from a resource", "access": "Tagging", "resources": [ { "name": "Firewall", "is_required": false }, { "name": "FirewallPolicy", "is_required": false }, { "name": "Proxy", "is_required": false }, { "name": "ProxyConfiguration", "is_required": false }, { "name": "ProxyRuleGroup", "is_required": false }, { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false }, { "name": "TLSInspectionConfiguration", "is_required": false }, { "name": "VpcEndpointAssociation", "is_required": false } ], "conditions": [ "aws:TagKeys" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateAvailabilityZoneChangeProtection.html", "name": "UpdateAvailabilityZoneChangeProtection", "description": "Grants permission to add or remove availability zone change protection for a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallAnalysisSettings.html", "name": "UpdateFirewallAnalysisSettings", "description": "Grants permission to modify firewall analysis settings of a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallDeleteProtection.html", "name": "UpdateFirewallDeleteProtection", "description": "Grants permission to add or remove delete protection for a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallDescription.html", "name": "UpdateFirewallDescription", "description": "Grants permission to modify the description for a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallEncryptionConfiguration.html", "name": "UpdateFirewallEncryptionConfiguration", "description": "Grants permission to modify the encryption configuration of a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallPolicy.html", "name": "UpdateFirewallPolicy", "description": "Grants permission to modify a firewall policy", "access": "Write", "resources": [ { "name": "FirewallPolicy", "is_required": true }, { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false }, { "name": "TLSInspectionConfiguration", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallPolicyChangeProtection.html", "name": "UpdateFirewallPolicyChangeProtection", "description": "Grants permission to add or remove firewall policy change protection for a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateLoggingConfiguration.html", "name": "UpdateLoggingConfiguration", "description": "Grants permission to modify the logging configuration of a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateProxy.html", "name": "UpdateProxy", "description": "Grants permission to modify a proxy", "access": "Write", "resources": [ { "name": "Proxy", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateProxyConfiguration.html", "name": "UpdateProxyConfiguration", "description": "Grants permission to modify a proxy configuration", "access": "Write", "resources": [ { "name": "ProxyConfiguration", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateProxyRule.html", "name": "UpdateProxyRule", "description": "Grants permission to update an existing proxy rule on a proxy rule group", "access": "Write", "resources": [ { "name": "ProxyRuleGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateProxyRuleGroupPriorities.html", "name": "UpdateProxyRuleGroupPriorities", "description": "Grants permission to modify rule group priorities on a proxy configuration", "access": "Write", "resources": [ { "name": "ProxyConfiguration", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateProxyRulePriorities.html", "name": "UpdateProxyRulePriorities", "description": "Grants permission to update proxy rule priorities within a proxy rule group", "access": "Write", "resources": [ { "name": "ProxyRuleGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateRuleGroup.html", "name": "UpdateRuleGroup", "description": "Grants permission to modify a rule group", "access": "Write", "resources": [ { "name": "StatefulRuleGroup", "is_required": false }, { "name": "StatelessRuleGroup", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateSubnetChangeProtection.html", "name": "UpdateSubnetChangeProtection", "description": "Grants permission to add or remove subnet change protection for a firewall", "access": "Write", "resources": [ { "name": "Firewall", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateTLSInspectionConfiguration.html", "name": "UpdateTLSInspectionConfiguration", "description": "Grants permission to modify a tls inspection configuration", "access": "Write", "resources": [ { "name": "TLSInspectionConfiguration", "is_required": true } ], "conditions": [], "dependents": [] } ], "resources": [ { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_Firewall.html", "name": "Firewall", "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:firewall/${Name}", "conditions": [ "aws:ResourceTag/${TagKey}" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_FirewallPolicyResponse.html", "name": "FirewallPolicy", "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:firewall-policy/${Name}", "conditions": [ "aws:ResourceTag/${TagKey}" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_RuleGroupResponse.html", "name": "StatefulRuleGroup", "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:stateful-rulegroup/${Name}", "conditions": [ "aws:ResourceTag/${TagKey}" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_RuleGroupResponse.html", "name": "StatelessRuleGroup", "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:stateless-rulegroup/${Name}", "conditions": [ "aws:ResourceTag/${TagKey}" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_TLSInspectionConfigurationResponse.html", "name": "TLSInspectionConfiguration", "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:tls-configuration/${Name}", "conditions": [ "aws:ResourceTag/${TagKey}" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_VpcEndpointAssociation.html", "name": "VpcEndpointAssociation", "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:vpc-endpoint-association/${Name}", "conditions": [ "aws:ResourceTag/${TagKey}" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ProxyRuleGroup.html", "name": "ProxyRuleGroup", "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:proxy-rule-group/${Name}", "conditions": [ "aws:ResourceTag/${TagKey}" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ProxyConfiguration.html", "name": "ProxyConfiguration", "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:proxy-configuration/${Name}", "conditions": [ "aws:ResourceTag/${TagKey}" ] }, { "url": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_Proxy.html", "name": "Proxy", "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:proxy/${Name}", "conditions": [ "aws:ResourceTag/${TagKey}" ] } ], "conditions": [ { "url": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag", "name": "aws:RequestTag/${TagKey}", "description": "Filters access by on the allowed set of values for each of the tags", "type": "String" }, { "url": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag", "name": "aws:ResourceTag/${TagKey}", "description": "Filters access by the tag value associated with the resource", "type": "String" }, { "url": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys", "name": "aws:TagKeys", "description": "Filters access by the presence of mandatory tags in the request", "type": "ArrayOfString" } ] }