2021-07-13
22 new actions, 3 new resources, 2 new conditions | 34 updated actions, 5 updated resources
Additions
Actions
-
AcceptEnvironmentAccountConnection
-
Description:
Grants permission to reject an environment account connection request from another environment account.
-
Access:
Write
-
Resources:
Name: environment-account-connection
Required: Yes
-
CancelEnvironmentDeployment
-
Description:
Grants permission to cancel an environment deployment
-
Access:
Write
-
Resources:
Name: environment
Required: Yes
-
Conditions:
proton:EnvironmentTemplate
-
CancelServiceInstanceDeployment
-
Description:
Grants permission to cancel a service instance deployment
-
Access:
Write
-
Resources:
Name: service-instance
Required: Yes
-
Conditions:
proton:ServiceTemplate
-
CancelServicePipelineDeployment
-
Description:
Grants permission to cancel a service pipeline deployment
-
Access:
Write
-
Resources:
Name: service
Required: Yes
-
Conditions:
proton:ServiceTemplate
-
CreateEnvironmentAccountConnection
-
Description:
Grants permission to create an environment account connection
-
Access:
Write
-
CreateEnvironmentTemplateVersion
-
Description:
Grants permission to create an environment template version
-
Access:
Write
-
Resources:
Name: environment-template
Required: Yes
-
Conditions:
aws:TagKeys
aws:RequestTag/${TagKey}
-
CreateServiceTemplateVersion
-
Description:
Grants permission to create a service template version
-
Access:
Write
-
Resources:
Name: service-template
Required: Yes
-
Conditions:
aws:TagKeys
aws:RequestTag/${TagKey}
-
DeleteEnvironmentAccountConnection
-
Description:
Grants permission to delete an environment account connection
-
Access:
Write
-
Resources:
Name: environment-account-connection
Required: Yes
-
DeleteEnvironmentTemplateVersion
-
Description:
Grants permission to delete an environment template version
-
Access:
Write
-
Resources:
Name: environment-template
Required: Yes
-
DeleteServiceTemplateVersion
-
Description:
Grants permission to delete a service template version
-
Access:
Write
-
Resources:
Name: service-template
Required: Yes
-
GetAccountSettings
-
Description:
Grants permission to describe the account settings
-
Access:
Read
-
GetEnvironmentAccountConnection
-
Description:
Grants permission to describe an environment account connection
-
Access:
Read
-
Resources:
Name: environment-account-connection
Required: Yes
-
GetEnvironmentTemplateVersion
-
Description:
Grants permission to describe an environment template version
-
Access:
Read
-
Resources:
Name: environment-template
Required: Yes
-
GetServiceTemplateVersion
-
Description:
Grants permission to describe a service template version
-
Access:
Read
-
Resources:
Name: service-template
Required: Yes
-
ListEnvironmentAccountConnections
-
Description:
Grants permission to list environment account connections
-
Access:
List
-
Resources:
Name: environment-account-connection
Required: Yes
-
ListEnvironmentTemplateVersions
-
Description:
Grants permission to list environment template versions
-
Access:
List
-
Resources:
Name: environment-template
Required: Yes
-
ListServiceTemplateVersions
-
Description:
Grants permission to list service template versions
-
Access:
List
-
Resources:
Name: service-template
Required: Yes
-
RejectEnvironmentAccountConnection
-
Description:
Grants permission to reject an environment account connection request from another environment account.
-
Access:
Write
-
Resources:
Name: environment-account-connection
Required: Yes
-
UpdateAccountSettings
-
Description:
Grants permission to update the account settings
-
Access:
Write
-
Dependents:
iam:PassRole
-
UpdateEnvironmentAccountConnection
-
Description:
Grants permission to update an environment account connection
-
Access:
Write
-
Resources:
Name: environment-account-connection
Required: Yes
-
UpdateEnvironmentTemplateVersion
-
Description:
Grants permission to update an environment template version
-
Access:
Write
-
Resources:
Name: environment-template
Required: Yes
-
UpdateServiceTemplateVersion
-
Description:
Grants permission to update a service template version
-
Access:
Write
-
Resources:
Name: service-template
Required: Yes
Resources
-
environment-template-version
-
Arn:
arn:${Partition}:proton:${Region}:${Account}:environment-template/${TemplateName}:${MajorVersion}.${MinorVersion}
-
Conditions:
aws:ResourceTag/${TagKey}
-
service-template-version
-
Arn:
arn:${Partition}:proton:${Region}:${Account}:service-template/${TemplateName}:${MajorVersion}.${MinorVersion}
-
Conditions:
aws:ResourceTag/${TagKey}
-
environment-account-connection
-
Arn:
arn:${Partition}:proton:${Region}:${Account}:environment-account-connection/${Id}
Conditions
-
proton:EnvironmentTemplate
-
Description:
Filters actions based on specified environment template related to resource
-
Type:
String
-
proton:ServiceTemplate
-
Description:
Filters actions based on specified service template related to resource
-
Type:
String
Updates
Resources
-
environment-template
Arn
-
Old: arn:${Partition}:proton:${Region}:${Account}:environment-template/${TemplateName}
New: arn:${Partition}:proton:${Region}:${Account}:environment-template/${Name}
-
service-template
Arn
-
Old: arn:${Partition}:proton:${Region}:${Account}:service-template/${TemplateName}
New: arn:${Partition}:proton:${Region}:${Account}:service-template/${Name}
-
environment
Arn
-
Old: arn:${Partition}:proton:${Region}:${Account}:environment/${EnvironmentName}
New: arn:${Partition}:proton:${Region}:${Account}:environment/${Name}
-
service
Arn
-
Old: arn:${Partition}:proton:${Region}:${Account}:service/${ServiceName}
New: arn:${Partition}:proton:${Region}:${Account}:service/${Name}
-
service-instance
Arn
-
Old: arn:${Partition}:proton:${Region}:${Account}:service/${ServiceName}/service-instance/${ServiceInstanceName}
New: arn:${Partition}:proton:${Region}:${Account}:service/${ServiceName}/service-instance/${Name}