{ "url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonvpclattice.html", "name": "Amazon VPC Lattice", "prefix": "vpc-lattice", "timestamp": "1772712006", "actions": [ { "url": "service-network-associations.html#service-network-resource-configuration", "name": "AssociateViaAWSService", "description": "Grants permission to associate a resource configuration through any AWS service managed networks", "access": "Permissions management", "resources": [], "conditions": [], "dependents": [] }, { "url": "service-network-associations.html#service-network-resource-configuration", "name": "AssociateViaAWSService-EventsAndStates", "description": "Grants permission to associate a resource configuration through Amazon EventBridge and AWS Step Functions service networks", "access": "Permissions management", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateAccessLogSubscription.html", "name": "CreateAccessLogSubscription", "description": "Grants permission to create an access log subscription", "access": "Write", "resources": [ { "name": "AccessLogSubscription", "is_required": true }, { "name": "ResourceConfiguration", "is_required": false }, { "name": "Service", "is_required": false }, { "name": "ServiceNetwork", "is_required": false } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [ "logs:CreateLogDelivery", "logs:GetLogDelivery" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateListener.html", "name": "CreateListener", "description": "Grants permission to create a listener", "access": "Write", "resources": [ { "name": "Listener", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "vpc-lattice:Protocol", "vpc-lattice:TargetGroupArns" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateResourceConfiguration.html", "name": "CreateResourceConfiguration", "description": "Grants permission to create a resource configuration", "access": "Write", "resources": [ { "name": "DomainVerification", "is_required": false }, { "name": "ResourceConfiguration", "is_required": false }, { "name": "ResourceGateway", "is_required": false } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateResourceGateway.html", "name": "CreateResourceGateway", "description": "Grants permission to create a resource gateway", "access": "Write", "resources": [ { "name": "ResourceGateway", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "vpc-lattice:VpcId" ], "dependents": [ "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateRule.html", "name": "CreateRule", "description": "Grants permission to create a rule", "access": "Write", "resources": [ { "name": "Rule", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "vpc-lattice:TargetGroupArns" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateService.html", "name": "CreateService", "description": "Grants permission to create a service", "access": "Write", "resources": [ { "name": "Service", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "vpc-lattice:AuthType" ], "dependents": [ "iam:CreateServiceLinkedRole" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateServiceNetwork.html", "name": "CreateServiceNetwork", "description": "Grants permission to create a service network", "access": "Write", "resources": [ { "name": "ServiceNetwork", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "vpc-lattice:AuthType" ], "dependents": [ "iam:CreateServiceLinkedRole" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateServiceNetworkResourceAssociation.html", "name": "CreateServiceNetworkResourceAssociation", "description": "Grants permission to create an association between a service network and a resource", "access": "Write", "resources": [ { "name": "ResourceConfiguration", "is_required": true }, { "name": "ServiceNetwork", "is_required": true }, { "name": "ServiceNetworkResourceAssociation", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "vpc-lattice:ResourceConfigurationArn", "vpc-lattice:ServiceNetworkArn" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateServiceNetworkServiceAssociation.html", "name": "CreateServiceNetworkServiceAssociation", "description": "Grants permission to create a service network and service association", "access": "Write", "resources": [ { "name": "Service", "is_required": true }, { "name": "ServiceNetwork", "is_required": true }, { "name": "ServiceNetworkServiceAssociation", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "vpc-lattice:ServiceArn", "vpc-lattice:ServiceNetworkArn" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateServiceNetworkVpcAssociation.html", "name": "CreateServiceNetworkVpcAssociation", "description": "Grants permission to create a service network and VPC association", "access": "Write", "resources": [ { "name": "ServiceNetwork", "is_required": true }, { "name": "ServiceNetworkVpcAssociation", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "vpc-lattice:PrivateDnsPreference", "vpc-lattice:PrivateDnsSpecifiedDomains", "vpc-lattice:SecurityGroupIds", "vpc-lattice:ServiceNetworkArn", "vpc-lattice:VpcId" ], "dependents": [ "ec2:DescribeVpcs" ] }, { "url": "service-network-associations.html#service-network-vpc-endpoint", "name": "CreateServiceNetworkVpcEndpointAssociation", "description": "Grants permission to create an association between a service network and VPC endpoint", "access": "Permissions management", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateTargetGroup.html", "name": "CreateTargetGroup", "description": "Grants permission to create a target group", "access": "Write", "resources": [ { "name": "TargetGroup", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "vpc-lattice:VpcId" ], "dependents": [ "iam:CreateServiceLinkedRole" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteAccessLogSubscription.html", "name": "DeleteAccessLogSubscription", "description": "Grants permission to delete an access log subscription", "access": "Write", "resources": [ { "name": "AccessLogSubscription", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [ "logs:DeleteLogDelivery", "logs:GetLogDelivery" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteAuthPolicy.html", "name": "DeleteAuthPolicy", "description": "Grants permission to delete an auth policy", "access": "Permissions management", "resources": [ { "name": "Service", "is_required": false }, { "name": "ServiceNetwork", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteDomainVerification.html", "name": "DeleteDomainVerification", "description": "Grants permission to delete a domain verification", "access": "Write", "resources": [ { "name": "DomainVerification", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteListener.html", "name": "DeleteListener", "description": "Grants permission to delete a listener", "access": "Write", "resources": [ { "name": "Listener", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteResourceConfiguration.html", "name": "DeleteResourceConfiguration", "description": "Grants permission to delete a resource configuration", "access": "Write", "resources": [ { "name": "ResourceConfiguration", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteResourceEndpointAssociation.html", "name": "DeleteResourceEndpointAssociation", "description": "Grants permission to delete a resource endpoint association", "access": "Write", "resources": [ { "name": "ResourceEndpointAssociation", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteResourceGateway.html", "name": "DeleteResourceGateway", "description": "Grants permission to delete a resource gateway", "access": "Write", "resources": [ { "name": "ResourceGateway", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteResourcePolicy.html", "name": "DeleteResourcePolicy", "description": "Grants permission to delete a resource policy", "access": "Write", "resources": [ { "name": "ResourceConfiguration", "is_required": false }, { "name": "Service", "is_required": false }, { "name": "ServiceNetwork", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteRule.html", "name": "DeleteRule", "description": "Grants permission to delete a rule", "access": "Write", "resources": [ { "name": "Rule", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteService.html", "name": "DeleteService", "description": "Grants permission to delete a service", "access": "Write", "resources": [ { "name": "Service", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteServiceNetwork.html", "name": "DeleteServiceNetwork", "description": "Grants permission to delete a service network", "access": "Write", "resources": [ { "name": "ServiceNetwork", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteServiceNetworkResourceAssociation.html", "name": "DeleteServiceNetworkResourceAssociation", "description": "Grants permission to delete the association between a service network and resource", "access": "Write", "resources": [ { "name": "ServiceNetworkResourceAssociation", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteServiceNetworkServiceAssociation.html", "name": "DeleteServiceNetworkServiceAssociation", "description": "Grants permission to delete a service network service association", "access": "Write", "resources": [ { "name": "ServiceNetworkServiceAssociation", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}", "vpc-lattice:ServiceArn", "vpc-lattice:ServiceNetworkArn" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteServiceNetworkVpcAssociation.html", "name": "DeleteServiceNetworkVpcAssociation", "description": "Grants permission to delete a service network and VPC association", "access": "Write", "resources": [ { "name": "ServiceNetworkVpcAssociation", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}", "vpc-lattice:ServiceNetworkArn", "vpc-lattice:VpcId" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteTargetGroup.html", "name": "DeleteTargetGroup", "description": "Grants permission to delete a target group", "access": "Write", "resources": [ { "name": "TargetGroup", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeregisterTargets.html", "name": "DeregisterTargets", "description": "Grants permission to deregister targets from a target group", "access": "Write", "resources": [ { "name": "TargetGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetAccessLogSubscription.html", "name": "GetAccessLogSubscription", "description": "Grants permission to get information about an access log subscription", "access": "Read", "resources": [ { "name": "AccessLogSubscription", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [ "logs:GetLogDelivery" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetAuthPolicy.html", "name": "GetAuthPolicy", "description": "Grants permission to get information about an auth policy", "access": "Read", "resources": [ { "name": "Service", "is_required": false }, { "name": "ServiceNetwork", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetDomainVerification.html", "name": "GetDomainVerification", "description": "Grants permission to get information about a domain verification", "access": "Read", "resources": [ { "name": "DomainVerification", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetListener.html", "name": "GetListener", "description": "Grants permission to get information about a listener", "access": "Read", "resources": [ { "name": "Listener", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetResourceConfiguration.html", "name": "GetResourceConfiguration", "description": "Grants permission to get information about a resource configuration", "access": "Read", "resources": [ { "name": "ResourceConfiguration", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetResourceGateway.html", "name": "GetResourceGateway", "description": "Grants permission to get information about a resource gateway", "access": "Read", "resources": [ { "name": "ResourceGateway", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetResourcePolicy.html", "name": "GetResourcePolicy", "description": "Grants permission to get information about a resource policy", "access": "Read", "resources": [ { "name": "ResourceConfiguration", "is_required": false }, { "name": "Service", "is_required": false }, { "name": "ServiceNetwork", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetRule.html", "name": "GetRule", "description": "Grants permission to get information about a rule", "access": "Read", "resources": [ { "name": "Rule", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetService.html", "name": "GetService", "description": "Grants permission to get information about a service", "access": "Read", "resources": [ { "name": "Service", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetServiceNetwork.html", "name": "GetServiceNetwork", "description": "Grants permission to get information about a service network", "access": "Read", "resources": [ { "name": "ServiceNetwork", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetServiceNetworkResourceAssociation.html", "name": "GetServiceNetworkResourceAssociation", "description": "Grants permission to get information about an association between a service network and resource configuration", "access": "Read", "resources": [ { "name": "ServiceNetworkResourceAssociation", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetServiceNetworkServiceAssociation.html", "name": "GetServiceNetworkServiceAssociation", "description": "Grants permission to get information about a service network and service association", "access": "Read", "resources": [ { "name": "ServiceNetworkServiceAssociation", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}", "vpc-lattice:ServiceArn", "vpc-lattice:ServiceNetworkArn" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetServiceNetworkVpcAssociation.html", "name": "GetServiceNetworkVpcAssociation", "description": "Grants permission to get information about a service network and VPC association", "access": "Read", "resources": [ { "name": "ServiceNetworkVpcAssociation", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}", "vpc-lattice:ServiceNetworkArn", "vpc-lattice:VpcId" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetTargetGroup.html", "name": "GetTargetGroup", "description": "Grants permission to get information about a target group", "access": "Read", "resources": [ { "name": "TargetGroup", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListAccessLogSubscriptions.html", "name": "ListAccessLogSubscriptions", "description": "Grants permission to list some or all access log subscriptions about a service network or a service", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListDomainVerifications.html", "name": "ListDomainVerifications", "description": "Grants permission to list some or all domain verifications", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListListeners.html", "name": "ListListeners", "description": "Grants permission to list some or all listeners", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListResourceConfigurations.html", "name": "ListResourceConfigurations", "description": "Grants permission to list some or all resource configurations", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListResourceEndpointAssociations.html", "name": "ListResourceEndpointAssociations", "description": "Grants permission to list some or all associations between a resource configuration and VPC endpoint", "access": "List", "resources": [], "conditions": [ "vpc-lattice:ResourceConfigurationArn", "vpc-lattice:VpcEndpointId" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListResourceGateways.html", "name": "ListResourceGateways", "description": "Grants permission to list some or all resource gateways", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListRules.html", "name": "ListRules", "description": "Grants permission to list some or all rules", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServiceNetworkResourceAssociations.html", "name": "ListServiceNetworkResourceAssociations", "description": "Grants permission to list some or all associations between a service network and resource configuration", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServiceNetworkServiceAssociations.html", "name": "ListServiceNetworkServiceAssociations", "description": "Grants permission to list some or all service network and service associations", "access": "List", "resources": [], "conditions": [ "vpc-lattice:ServiceArn", "vpc-lattice:ServiceNetworkArn" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServiceNetworkVpcAssociations.html", "name": "ListServiceNetworkVpcAssociations", "description": "Grants permission to list some or all service network and VPC associations", "access": "List", "resources": [], "conditions": [ "vpc-lattice:ServiceNetworkArn", "vpc-lattice:VpcId" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServiceNetworkVpcEndpointAssociations.html", "name": "ListServiceNetworkVpcEndpointAssociations", "description": "Grants permission to list some or all associations between a service network and VPC endpoint", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServiceNetworks.html", "name": "ListServiceNetworks", "description": "Grants permission to list the service networks owned by a caller account or shared with the caller account", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServices.html", "name": "ListServices", "description": "Grants permission to list the services owned by a caller account or shared with the caller account", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListTagsForResource.html", "name": "ListTagsForResource", "description": "Grants permission to list tags for a vpc-lattice resource", "access": "Read", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListTargetGroups.html", "name": "ListTargetGroups", "description": "Grants permission to list some or all target groups", "access": "List", "resources": [], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListTargets.html", "name": "ListTargets", "description": "Grants permission to list some or all targets in a target group", "access": "List", "resources": [ { "name": "TargetGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_PutAuthPolicy.html", "name": "PutAuthPolicy", "description": "Grants permission to create or update the auth policy for a service network or a service", "access": "Permissions management", "resources": [ { "name": "Service", "is_required": false }, { "name": "ServiceNetwork", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_PutResourcePolicy.html", "name": "PutResourcePolicy", "description": "Grants permission to create a resource policy for a resource configuration, service, or service network", "access": "Write", "resources": [ { "name": "ResourceConfiguration", "is_required": false }, { "name": "Service", "is_required": false }, { "name": "ServiceNetwork", "is_required": false } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_RegisterTargets.html", "name": "RegisterTargets", "description": "Grants permission to register targets to a target group", "access": "Write", "resources": [ { "name": "TargetGroup", "is_required": true } ], "conditions": [], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_StartDomainVerification.html", "name": "StartDomainVerification", "description": "Grants permission to start a domain verification", "access": "Write", "resources": [ { "name": "DomainVerification", "is_required": true } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:TagKeys", "vpc-lattice:DomainName" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_TagResource.html", "name": "TagResource", "description": "Grants permission to tag a vpc-lattice resource", "access": "Tagging", "resources": [ { "name": "AccessLogSubscription", "is_required": false }, { "name": "DomainVerification", "is_required": false }, { "name": "Listener", "is_required": false }, { "name": "ResourceConfiguration", "is_required": false }, { "name": "ResourceEndpointAssociation", "is_required": false }, { "name": "ResourceGateway", "is_required": false }, { "name": "Rule", "is_required": false }, { "name": "Service", "is_required": false }, { "name": "ServiceNetwork", "is_required": false }, { "name": "ServiceNetworkResourceAssociation", "is_required": false }, { "name": "ServiceNetworkServiceAssociation", "is_required": false }, { "name": "ServiceNetworkVpcAssociation", "is_required": false }, { "name": "TargetGroup", "is_required": false } ], "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UntagResource.html", "name": "UntagResource", "description": "Grants permission to untag a vpc-lattice resource", "access": "Tagging", "resources": [ { "name": "AccessLogSubscription", "is_required": false }, { "name": "DomainVerification", "is_required": false }, { "name": "Listener", "is_required": false }, { "name": "ResourceConfiguration", "is_required": false }, { "name": "ResourceEndpointAssociation", "is_required": false }, { "name": "ResourceGateway", "is_required": false }, { "name": "Rule", "is_required": false }, { "name": "Service", "is_required": false }, { "name": "ServiceNetwork", "is_required": false }, { "name": "ServiceNetworkResourceAssociation", "is_required": false }, { "name": "ServiceNetworkServiceAssociation", "is_required": false }, { "name": "ServiceNetworkVpcAssociation", "is_required": false }, { "name": "TargetGroup", "is_required": false } ], "conditions": [ "aws:TagKeys" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateAccessLogSubscription.html", "name": "UpdateAccessLogSubscription", "description": "Grants permission to update an access log subscription", "access": "Write", "resources": [ { "name": "AccessLogSubscription", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [ "logs:GetLogDelivery", "logs:UpdateLogDelivery" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateListener.html", "name": "UpdateListener", "description": "Grants permission to update a listener", "access": "Write", "resources": [ { "name": "Listener", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}", "vpc-lattice:TargetGroupArns" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateResourceConfiguration.html", "name": "UpdateResourceConfiguration", "description": "Grants permission to update a resource configuration", "access": "Write", "resources": [ { "name": "ResourceConfiguration", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateResourceGateway.html", "name": "UpdateResourceGateway", "description": "Grants permission to update a resource gateway", "access": "Write", "resources": [ { "name": "ResourceGateway", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}", "vpc-lattice:SecurityGroupIds" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateRule.html", "name": "UpdateRule", "description": "Grants permission to update a rule", "access": "Write", "resources": [ { "name": "Rule", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}", "vpc-lattice:TargetGroupArns" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateService.html", "name": "UpdateService", "description": "Grants permission to update a service", "access": "Write", "resources": [ { "name": "Service", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}", "vpc-lattice:AuthType" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateServiceNetwork.html", "name": "UpdateServiceNetwork", "description": "Grants permission to update a service network", "access": "Write", "resources": [ { "name": "ServiceNetwork", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}", "vpc-lattice:AuthType" ], "dependents": [] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateServiceNetworkVpcAssociation.html", "name": "UpdateServiceNetworkVpcAssociation", "description": "Grants permission to update a service network and VPC association", "access": "Write", "resources": [ { "name": "ServiceNetworkVpcAssociation", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:SecurityGroupIds", "vpc-lattice:ServiceNetworkArn", "vpc-lattice:VpcId" ], "dependents": [ "ec2:DescribeSecurityGroups", "ec2:DescribeVpcs" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateTargetGroup.html", "name": "UpdateTargetGroup", "description": "Grants permission to update a target group", "access": "Write", "resources": [ { "name": "TargetGroup", "is_required": true } ], "conditions": [ "aws:ResourceTag/${TagKey}" ], "dependents": [] } ], "resources": [ { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/monitoring-access-logs.html", "name": "AccessLogSubscription", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:accesslogsubscription/${AccessLogSubscriptionId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/domain-verification.html", "name": "DomainVerification", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:domainverification/${DomainVerificationId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:DomainName" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/listeners.html", "name": "Listener", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:service/${ServiceId}/listener/${ListenerId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:Protocol", "vpc-lattice:TargetGroupArns" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/resource-configurations.html", "name": "ResourceConfiguration", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:resourceconfiguration/${ResourceConfigurationId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/resource-endpoint-associations.html", "name": "ResourceEndpointAssociation", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:resourceendpointassociation/${ResourceEndpointAssociationId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:ResourceConfigurationArn", "vpc-lattice:VpcEndpointId" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/resource-gateways.html", "name": "ResourceGateway", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:resourcegateway/${ResourceGatewayId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:VpcId" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/listeners.html#listener-rules", "name": "Rule", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:service/${ServiceId}/listener/${ListenerId}/rule/${RuleId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:TargetGroupArns" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/services.html", "name": "Service", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:service/${ServiceId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:AuthType" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-networks.html", "name": "ServiceNetwork", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:servicenetwork/${ServiceNetworkId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:AuthType" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-network-associations.html#service-network-resource-configuration", "name": "ServiceNetworkResourceAssociation", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:servicenetworkresourceassociation/${ServiceNetworkResourceAssociationId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:ResourceConfigurationArn", "vpc-lattice:ServiceNetworkArn" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-network-associations.html#service-network-service-associations", "name": "ServiceNetworkServiceAssociation", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:servicenetworkserviceassociation/${ServiceNetworkServiceAssociationId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:ServiceArn", "vpc-lattice:ServiceNetworkArn" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-network-associations.html#service-network-vpc-associations", "name": "ServiceNetworkVpcAssociation", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:servicenetworkvpcassociation/${ServiceNetworkVpcAssociationId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:PrivateDnsPreference", "vpc-lattice:PrivateDnsSpecifiedDomains", "vpc-lattice:SecurityGroupIds", "vpc-lattice:ServiceNetworkArn", "vpc-lattice:VpcId" ] }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/target-groups.html", "name": "TargetGroup", "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:targetgroup/${TargetGroupId}", "conditions": [ "aws:RequestTag/${TagKey}", "aws:ResourceTag/${TagKey}", "aws:TagKeys", "vpc-lattice:VpcId" ] } ], "conditions": [ { "url": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag", "name": "aws:RequestTag/${TagKey}", "description": "Filters access by the presence of tag key-value pairs in the request", "type": "String" }, { "url": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag", "name": "aws:ResourceTag/${TagKey}", "description": "Filters access by tag key-value pairs attached to the resource", "type": "String" }, { "url": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys", "name": "aws:TagKeys", "description": "Filters access by the presence of tag keys in the request", "type": "ArrayOfString" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:AuthType", "description": "Filters access by the auth type specified in the request", "type": "String" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:DomainName", "description": "Filters access by the domain name", "type": "String" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:PrivateDnsPreference", "description": "Filters access by the private dns preference", "type": "String" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:PrivateDnsSpecifiedDomains", "description": "Filters access by the private dns domains", "type": "ArrayOfString" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:Protocol", "description": "Filters access by the protocol specified in the request", "type": "String" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:ResourceConfigurationArn", "description": "Filters access by the ARN of a resource configuration", "type": "ARN" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:SecurityGroupIds", "description": "Filters access by the IDs of security groups", "type": "ArrayOfString" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:ServiceArn", "description": "Filters access by the ARN of a service", "type": "ARN" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:ServiceNetworkArn", "description": "Filters access by the ARN of a service network", "type": "ARN" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:TargetGroupArns", "description": "Filters access by the ARNs of target groups", "type": "ArrayOfARN" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:VpcEndpointId", "description": "Filters access by the ID of a VPC endpoint", "type": "String" }, { "url": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/", "name": "vpc-lattice:VpcId", "description": "Filters access by the ID of a virtual private cloud (VPC)", "type": "String" } ] }