2021-09-03
9 new actions, 2 new resources, 1 new condition | 4 updated actions
Additions
Actions
-
CreateStorageVirtualMachine
-
Description:
Grants permission to create a new storage virtual machine in an Amazon FSx for Ontap file system
-
Access:
Write
-
Resources:
Name: file-system
Required: Yes
Name: storage-virtual-machine
Required: Yes
-
Conditions:
aws:RequestTag/${TagKey}
aws:TagKeys
-
Dependents:
fsx:TagResource
-
CreateVolume
-
Description:
Grants permission to create a new volume
-
Access:
Write
-
Resources:
Name: volume
Required: Yes
-
Conditions:
aws:RequestTag/${TagKey}
aws:TagKeys
fsx:StorageVirtualMachineId
-
Dependents:
fsx:TagResource
-
CreateVolumeFromBackup
-
Description:
Grants permission to create a new volume from backup
-
Access:
Write
-
Resources:
Name: backup
Required: Yes
Name: storage-virtual-machine
Required: Yes
Name: volume
Required: Yes
-
Conditions:
aws:RequestTag/${TagKey}
aws:TagKeys
fsx:StorageVirtualMachineId
-
Dependents:
fsx:TagResource
-
DeleteStorageVirtualMachine
-
Description:
Grants permission to delete a storage virtual machine, deleting its contents.
-
Access:
Write
-
Resources:
Name: storage-virtual-machine
Required: Yes
-
Conditions:
aws:TagKeys
-
DeleteVolume
-
Description:
Grants permission to delete a volume, deleting its contents and any existing automatic backups of the volume.
-
Access:
Write
-
Resources:
Name: volume
Required: Yes
-
Conditions:
aws:TagKeys
fsx:StorageVirtualMachineId
-
DescribeStorageVirtualMachines
-
Description:
Grants permission to return the descriptions of all storage virtual machines owned by your AWS account in the AWS Region of the endpoint that you're calling
-
Access:
Read
-
DescribeVolumes
-
Description:
Grants permission to return the descriptions of all volumes owned by your AWS account in the AWS Region of the endpoint that you're calling
-
Access:
Read
-
UpdateStorageVirtualMachine
-
Description:
Grants permission to update storage virtual machine configuration
-
Access:
Write
-
Resources:
Name: storage-virtual-machine
Required: Yes
-
Conditions:
aws:TagKeys
-
UpdateVolume
-
Description:
Grants permission to update volume configuration
-
Access:
Write
-
Resources:
Name: volume
Required: Yes
-
Conditions:
aws:TagKeys
fsx:StorageVirtualMachineId
Resources
-
storage-virtual-machine
-
Arn:
arn:${Partition}:fsx:${Region}:${Account}:storage-virtual-machine/${FileSystemId}/${StorageVirtualMachineId}
-
Conditions:
aws:ResourceTag/${TagKey}
-
volume
-
Arn:
arn:${Partition}:fsx:${Region}:${Account}:volume/${FileSystemId}/${VolumeId}
-
Conditions:
aws:ResourceTag/${TagKey}
Conditions
-
fsx:StorageVirtualMachineId
-
Description:
Filters access by the containing storage virtual machine for a volume for mutating volume operations
-
Type:
String