Amazon EC2 (ec2)

2022-02-08

5 new actions, 9 new conditions | 86 updated actions, 32 updated resources

Additions

    Actions
  • CreateCoipPoolPermission
    • Description:  Grants permission to allow a service to access a customer owned IP (CoIP) pool
    • Access:  Write
  • CreateLocalGatewayRouteTablePermission
    • Description:  Grants permission to allow a service to access a local gateway route table
    • Access:  Write
    • Resources: 

      Name: local-gateway-route-table

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}

      ec2:Region

      ec2:ResourceTag/${TagKey}
  • DeleteCoipPoolPermission
    • Description:  Grants permission to deny a service from accessing a customer owned IP (CoIP) pool
    • Access:  Write
  • DeleteLocalGatewayRouteTablePermission
    • Description:  Grants permission to deny a service from accessing a local gateway route table
    • Access:  Write
    • Resources: 

      Name: local-gateway-route-table

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}

      ec2:Region

      ec2:ResourceTag/${TagKey}
  • DescribeLocalGatewayRouteTablePermissions
    • Description:  Grants permission to allow a service to describe a local gateway route table
    • Access:  List
    Conditions
  • ec2:Add/group
    • Description:  Filters access by the group being added to a snapshot
    • Type:  String
  • ec2:Add/userId
    • Description:  Filters access by the account id being added to a snapshot
    • Type:  String
  • ec2:Attribute
    • Description:  Filters access by an attribute of a resource
    • Type:  String
  • ec2:InsideTunnelIpv6Cidr
    • Description:  Filters access by a range of inside IPv6 addresses for a VPN tunnel
    • Type:  String
  • ec2:InstanceAutoRecovery
    • Description:  Filters access by whether the instance type supports auto recovery
    • Type:  String
  • ec2:InstanceMetadataTags
    • Description:  Filters access by whether the instance allows access to instance tags from the instance metadata
    • Type:  String
  • ec2:Remove/group
    • Description:  Filters access by the group being removed from a snapshot
    • Type:  String
  • ec2:Remove/userId
    • Description:  Filters access by the account id being removed from a snapshot
    • Type:  String
  • ec2:ReplayWindowSizePackets
    • Description:  Filters access by the number of packets in an IKE replay window
    • Type:  String

Updates