AWS Account Management
(account)
IAM Changes
Services
2021-10-02
2021-10-02
3 new actions, 2 new resources, 3 new conditions
Additions
Actions
DeleteAlternateContact
Description:
Grants permission to delete the alternate contacts for an account
Access:
Write
Resources:
Name: account
Required: No
Name: accountInOrganization
Required: No
GetAlternateContact
Description:
Grants permission to retrieve the alternate contacts for an account
Access:
Read
Resources:
Name: account
Required: No
Name: accountInOrganization
Required: No
PutAlternateContact
Description:
Grants permission to modify the alternate contacts for an account
Access:
Write
Resources:
Name: account
Required: No
Name: accountInOrganization
Required: No
Resources
account
Arn:
arn:${Partition}:account::${Account}:account
accountInOrganization
Arn:
arn:${Partition}:account::${ManagementAccountId}:account/o-${OrganizationId}/${MemberAccountId}
Conditions
account:AccountResourceOrgPaths
Description:
Filters access by the resource path for an account in an organization
Type:
ArrayOfString
account:AccountResourceOrgTags/${TagKey}
Description:
Filters access by resource tags for an account in an organization
Type:
ArrayOfString
account:AlternateContactTypes
Description:
Filters access by alternate contact types
Type:
ArrayOfString