Change log of AWS IAM permissions

2022-03-04

2 new actions, 2 new resources, 14 new conditions | 357 updated actions, 14 updated resources

Additions

Actions

ListImagesInRecycleBin
- Description: Grants permission to list Amazon Machine Images (AMIs) that are currently in the Recycle Bin
- Access: List
- Resources:
  Name: image
  
  Required: No
- Conditions:
  aws:ResourceTag/${TagKey}
  
  ec2:ImageID
  
  ec2:ImageType
  
  ec2:Owner
  
  ec2:Public
  
  ec2:ResourceTag/${TagKey}
  
  ec2:RootDeviceType
  
  ec2:Region
RestoreImageFromRecycleBin
- Description: Grants permission to restore an Amazon Machine Image (AMI) from the Recycle Bin
- Access: Write
- Resources:
  Name: image
  
  Required: Yes
- Conditions:
  aws:ResourceTag/${TagKey}
  
  ec2:ImageID
  
  ec2:ImageType
  
  ec2:Owner
  
  ec2:Public
  
  ec2:ResourceTag/${TagKey}
  
  ec2:RootDeviceType
  
  ec2:Region

Resources

license-configuration
- Arn: arn:${Partition}:license-manager:${Region}:${Account}:license-configuration/${LicenseConfigurationId}
subnet-cidr-reservation
- Arn: arn:${Partition}:ec2:${Region}:${Account}:subnet-cidr-reservation/${SubnetCidrReservationId}
- Conditions:
  aws:RequestTag/${TagKey}
  
  aws:ResourceTag/${TagKey}
  
  aws:TagKeys
  
  ec2:Region
  
  ec2:ResourceTag/${TagKey}

Conditions

ec2:DhcpOptionsID
- Description: Filters access by the ID of a dynamic host configuration protocol (DHCP) options set
- Type: String
ec2:ImageID
- Description: Filters access by the ID of an image
- Type: String
ec2:InstanceID
- Description: Filters access by the ID of an instance
- Type: String
ec2:InternetGatewayID
- Description: Filters access by the ID of an internet gateway
- Type: String
ec2:NetworkAclID
- Description: Filters access by the ID of a network access control list (ACL)
- Type: String
ec2:NetworkInterfaceID
- Description: Filters access by the ID of an elastic network interface
- Type: String
ec2:PlacementGroupName
- Description: Filters access by the name of a placement group
- Type: String
ec2:RouteTableID
- Description: Filters access by the ID of a route table
- Type: String
ec2:SecurityGroupID
- Description: Filters access by the ID of a security group
- Type: String
ec2:SnapshotID
- Description: Filters access by the ID of a snapshot
- Type: String
ec2:SubnetID
- Description: Filters access by the ID of a subnet
- Type: String
ec2:VolumeID
- Description: Filters access by the ID of a volume
- Type: String
ec2:VpcID
- Description: Filters access by the ID of a virtual private cloud (VPC)
- Type: String
ec2:VpcPeeringConnectionID
- Description: Filters access by the ID of a VPC peering connection
- Type: String

Updates

Actions

AcceptVpcPeeringConnection
- ＋ ec2:VpcID
- ＋ ec2:VpcPeeringConnectionID
ApplySecurityGroupsToClientVpnTargetNetwork
- ＋ ec2:SecurityGroupID
- ＋ ec2:VpcID
AssignIpv6Addresses
- ＋ ec2:NetworkInterfaceID
AssignPrivateIpAddresses
- ＋ ec2:NetworkInterfaceID
AssociateAddress
- ＋ ec2:InstanceID
- ＋ ec2:NetworkInterfaceID
AssociateClientVpnTargetNetwork
- ＋ ec2:SubnetID
AssociateDhcpOptions
- ＋ ec2:DhcpOptionsID
- ＋ ec2:VpcID
AssociateIamInstanceProfile
- ＋ ec2:InstanceID
AssociateRouteTable
- ＋ ec2:RouteTableID
- ＋ ec2:InternetGatewayID
- ＋ ec2:SubnetID
AssociateSubnetCidrBlock
- ＋ ec2:SubnetID
AssociateTransitGatewayMulticastDomain
- ＋ ec2:SubnetID
AssociateVpcCidrBlock
- ＋ ec2:VpcID
AttachClassicLinkVpc
- ＋ ec2:InstanceID
- ＋ ec2:SecurityGroupID
- ＋ ec2:VpcID
AttachInternetGateway
- ＋ ec2:InternetGatewayID
- ＋ ec2:VpcID
AttachNetworkInterface
- ＋ ec2:InstanceID
- ＋ ec2:NetworkInterfaceID
AttachVolume
- ＋ ec2:InstanceID
- ＋ ec2:VolumeID
AttachVpnGateway
- ＋ ec2:VpcID
AuthorizeSecurityGroupEgress
- ＋ ec2:SecurityGroupID
AuthorizeSecurityGroupIngress
- ＋ ec2:SecurityGroupID
CopyImage
- ＋ ec2:ImageID
CopySnapshot
- ＋ ec2:SnapshotID
CreateCarrierGateway
- ＋ ec2:VpcID
CreateClientVpnEndpoint
- ＋ ec2:SecurityGroupID
- ＋ ec2:VpcID
CreateClientVpnRoute
- ＋ ec2:SubnetID
CreateDhcpOptions
- ＋ ec2:DhcpOptionsID
CreateEgressOnlyInternetGateway
- ＋ ec2:VpcID
CreateFleet
- ＋ ec2:InstanceID
- ＋ ec2:ImageID
- ＋ ec2:NetworkInterfaceID
- ＋ ec2:PlacementGroupName
- ＋ ec2:SecurityGroupID
- ＋ ec2:SnapshotID
- ＋ ec2:SubnetID
- ＋ ec2:Encrypted
- ＋ ec2:KmsKeyId
- ＋ ec2:ParentSnapshot
- ＋ ec2:VolumeID
- ＋ ec2:VolumeIops
- ＋ ec2:VolumeThroughput
- ＋ ec2:VolumeType
- ＋ volume
CreateFlowLogs
- ＋ ec2:NetworkInterfaceID
- ＋ ec2:SubnetID
- ＋ ec2:VpcID
CreateImage
- ＋ ec2:ImageID
- ＋ ec2:InstanceID
- ＋ ec2:SnapshotID
CreateInstanceExportTask
- ＋ ec2:InstanceID
CreateInternetGateway
- ＋ ec2:InternetGatewayID
CreateLocalGatewayRouteTableVpcAssociation
- ＋ ec2:VpcID
CreateNatGateway
- ＋ ec2:SubnetID
CreateNetworkAcl
- ＋ ec2:NetworkAclID
- ＋ ec2:VpcID
CreateNetworkAclEntry
- ＋ ec2:NetworkAclID
CreateNetworkInsightsPath
- ＋ ec2:InstanceID
- ＋ ec2:InternetGatewayID
- ＋ ec2:NetworkInterfaceID
- ＋ ec2:VpcPeeringConnectionID
CreateNetworkInterface
- ＋ ec2:NetworkInterfaceID
- ＋ ec2:SubnetID
- ＋ ec2:SecurityGroupID
CreateNetworkInterfacePermission
- ＋ ec2:NetworkInterfaceID
CreatePlacementGroup
- ＋ ec2:PlacementGroupName
CreateReplaceRootVolumeTask
- ＋ ec2:InstanceID
- ＋ ec2:VolumeID
- ＋ ec2:SnapshotID
CreateRestoreImageTask
- ＋ ec2:ImageID
CreateRoute
- ＋ ec2:RouteTableID
CreateRouteTable
- ＋ ec2:RouteTableID
- ＋ ec2:VpcID
CreateSecurityGroup
- ＋ ec2:SecurityGroupID
- ＋ ec2:VpcID
CreateSnapshot
- ＋ ec2:SnapshotID
- ＋ ec2:VolumeID
CreateSnapshots
- ＋ ec2:InstanceID
- ＋ ec2:SnapshotID
- ＋ ec2:VolumeID
CreateStoreImageTask
- ＋ ec2:ImageID
CreateSubnet
- ＋ ec2:SubnetID
- ＋ ec2:VpcID
CreateTags
- ＋ ec2:DhcpOptionsID
- ＋ ec2:ImageID
- ＋ ec2:InstanceID
- ＋ ec2:InternetGatewayID
- ＋ ec2:NetworkAclID
- ＋ ec2:NetworkInterfaceID
- ＋ ec2:PlacementGroupName
- ＋ ec2:RouteTableID
- ＋ ec2:SecurityGroupID
- ＋ ec2:SnapshotID
- ＋ ec2:SubnetID
- ＋ ec2:VolumeID
- ＋ ec2:VpcID
- ＋ ec2:VpcPeeringConnectionID
- ＋ subnet-cidr-reservation
CreateTrafficMirrorSession
- ＋ ec2:NetworkInterfaceID
CreateTrafficMirrorTarget
- ＋ ec2:NetworkInterfaceID
CreateTransitGatewayVpcAttachment
- ＋ ec2:VpcID
- ＋ ec2:SubnetID
CreateVolume
- ＋ ec2:VolumeID
CreateVpc
- ＋ ec2:VpcID
CreateVpcEndpoint
- ＋ ec2:VpcID
- ＋ ec2:RouteTableID
- ＋ ec2:SecurityGroupID
- ＋ ec2:SubnetID
CreateVpcPeeringConnection
- ＋ ec2:VpcID
- ＋ ec2:VpcPeeringConnectionID
DeleteClientVpnRoute
- ＋ ec2:SubnetID
DeleteDhcpOptions
- ＋ ec2:DhcpOptionsID
DeleteInternetGateway
- ＋ ec2:InternetGatewayID
DeleteNetworkAcl
- ＋ ec2:NetworkAclID
DeleteNetworkAclEntry
- ＋ ec2:NetworkAclID
DeleteNetworkInterface
- ＋ ec2:NetworkInterfaceID
DeleteNetworkInterfacePermission
- ＋ ec2:NetworkInterfaceID
DeletePlacementGroup
- ＋ ec2:PlacementGroupName
DeleteRoute
- ＋ ec2:RouteTableID
DeleteRouteTable
- ＋ ec2:RouteTableID
DeleteSecurityGroup
- ＋ ec2:SecurityGroupID
DeleteSnapshot
- ＋ ec2:SnapshotID
DeleteSubnet
- ＋ ec2:SubnetID
DeleteTags
- ＋ subnet-cidr-reservation
DeleteVolume
- ＋ ec2:VolumeID
DeleteVpc
- ＋ ec2:VpcID
DeleteVpcPeeringConnection
- ＋ ec2:VpcPeeringConnectionID
DeregisterImage
- ＋ ec2:ImageID
DeregisterTransitGatewayMulticastGroupMembers
- ＋ ec2:NetworkInterfaceID
DeregisterTransitGatewayMulticastGroupSources
- ＋ ec2:NetworkInterfaceID
DescribeFastLaunchImages
- ＋ ec2:ImageID
DescribeImageAttribute
- ＋ ec2:ImageID
DescribeInstanceAttribute
- ＋ ec2:InstanceID
DescribeSecurityGroupReferences
- － aws:ResourceTag/${TagKey}
- － ec2:ResourceTag/${TagKey}
- － ec2:Vpc
- － security-group
DescribeSnapshotAttribute
- ＋ ec2:SnapshotID
DescribeStaleSecurityGroups
- － aws:ResourceTag/${TagKey}
- － ec2:ResourceTag/${TagKey}
- － ec2:Tenancy
- － vpc
DescribeStoreImageTasks
- ＋ ec2:ImageID
DescribeVolumeAttribute
- ＋ ec2:VolumeID
DescribeVpcAttribute
- ＋ ec2:VpcID
DetachClassicLinkVpc
- ＋ ec2:InstanceID
- ＋ ec2:VpcID
DetachInternetGateway
- ＋ ec2:InternetGatewayID
- ＋ ec2:VpcID
DetachNetworkInterface
- ＋ ec2:InstanceID
- ＋ ec2:NetworkInterfaceID
DetachVolume
- ＋ ec2:VolumeID
- ＋ ec2:InstanceID
DetachVpnGateway
- ＋ ec2:VpcID
DisableFastLaunch
- ＋ ec2:ImageID
DisableFastSnapshotRestores
- ＋ ec2:SnapshotID
DisableImageDeprecation
- ＋ ec2:ImageID
DisableVgwRoutePropagation
- ＋ ec2:RouteTableID
DisableVpcClassicLink
- ＋ ec2:VpcID
DisableVpcClassicLinkDnsSupport
- ＋ ec2:VpcID
DisassociateAddress
- ＋ ec2:NetworkInterfaceID
DisassociateIamInstanceProfile
- ＋ ec2:InstanceID
DisassociateRouteTable
- ＋ ec2:RouteTableID
- ＋ ec2:SubnetID
DisassociateSubnetCidrBlock
- ＋ ec2:SubnetID
DisassociateTransitGatewayMulticastDomain
- ＋ ec2:SubnetID
DisassociateVpcCidrBlock
- ＋ ec2:VpcID
EnableFastLaunch
- ＋ ec2:ImageID
EnableFastSnapshotRestores
- ＋ ec2:SnapshotID
EnableImageDeprecation
- ＋ ec2:ImageID
EnableVgwRoutePropagation
- ＋ ec2:RouteTableID
EnableVolumeIO
- ＋ ec2:VolumeID
EnableVpcClassicLink
- ＋ ec2:VpcID
EnableVpcClassicLinkDnsSupport
- ＋ ec2:VpcID
ExportImage
- ＋ ec2:ImageID
GetConsoleOutput
- ＋ ec2:InstanceID
GetConsoleScreenshot
- ＋ ec2:InstanceID
GetLaunchTemplateData
- ＋ ec2:InstanceID
GetPasswordData
- ＋ ec2:InstanceID
ImportImage
- ＋ ec2:ImageID
- ＋ ec2:SnapshotID
ImportInstance
- ＋ ec2:InstanceID
- ＋ ec2:VolumeID
- ＋ ec2:SecurityGroupID
- ＋ ec2:SubnetID
ImportSnapshot
- ＋ ec2:SnapshotID
ImportVolume
- ＋ ec2:VolumeID
ListSnapshotsInRecycleBin
- ＋ ec2:SnapshotID
ModifyClientVpnEndpoint
- ＋ ec2:SecurityGroupID
- ＋ ec2:VpcID
ModifyFleet
- ＋ ec2:ImageID
- ＋ ec2:NetworkInterfaceID
- ＋ ec2:SecurityGroupID
- ＋ ec2:SnapshotID
- ＋ ec2:SubnetID
ModifyImageAttribute
- ＋ ec2:ImageID
ModifyInstanceAttribute
- ＋ ec2:InstanceID
- ＋ ec2:SecurityGroupID
- ＋ ec2:VolumeID
ModifyInstanceCapacityReservationAttributes
- ＋ ec2:InstanceID
ModifyInstanceCreditSpecification
- ＋ ec2:InstanceID
ModifyInstanceEventStartTime
- ＋ ec2:InstanceID
ModifyInstanceMetadataOptions
- ＋ ec2:InstanceID
ModifyInstancePlacement
- ＋ ec2:InstanceID
- ＋ ec2:PlacementGroupName
ModifyNetworkInterfaceAttribute
- ＋ ec2:NetworkInterfaceID
- ＋ ec2:InstanceID
- ＋ ec2:SecurityGroupID
ModifyPrivateDnsNameOptions
- ＋ ec2:InstanceID
ModifySecurityGroupRules
- ＋ ec2:SecurityGroupID
ModifySnapshotAttribute
- ＋ ec2:SnapshotID
ModifySnapshotTier
- ＋ ec2:SnapshotID
ModifySpotFleetRequest
- ＋ ec2:SubnetID
ModifySubnetAttribute
- ＋ ec2:SubnetID
ModifyTransitGatewayVpcAttachment
- ＋ ec2:SubnetID
ModifyVolume
- ＋ ec2:VolumeID
ModifyVolumeAttribute
- ＋ ec2:VolumeID
ModifyVpcAttribute
- ＋ ec2:VpcID
ModifyVpcEndpoint
- ＋ ec2:RouteTableID
- ＋ ec2:SecurityGroupID
- ＋ ec2:SubnetID
ModifyVpcPeeringConnectionOptions
- ＋ ec2:VpcPeeringConnectionID
ModifyVpcTenancy
- ＋ ec2:VpcID
MonitorInstances
- ＋ ec2:InstanceID
RebootInstances
- ＋ ec2:InstanceID
RegisterImage
- ＋ ec2:ImageID
- ＋ ec2:SnapshotID
RegisterTransitGatewayMulticastGroupMembers
- ＋ ec2:NetworkInterfaceID
RegisterTransitGatewayMulticastGroupSources
- ＋ ec2:NetworkInterfaceID
RejectVpcPeeringConnection
- ＋ ec2:VpcPeeringConnectionID
ReplaceIamInstanceProfileAssociation
- ＋ ec2:InstanceID
ReplaceNetworkAclAssociation
- ＋ ec2:NetworkAclID
- ＋ ec2:SubnetID
ReplaceNetworkAclEntry
- ＋ ec2:NetworkAclID
ReplaceRoute
- ＋ ec2:RouteTableID
- ＋ ec2:InstanceID
- ＋ ec2:InternetGatewayID
- ＋ ec2:NetworkInterfaceID
- ＋ ec2:VpcPeeringConnectionID
ReplaceRouteTableAssociation
- ＋ ec2:RouteTableID
- ＋ ec2:SubnetID
RequestSpotFleet
- ＋ ec2:ImageID
- ＋ ec2:PlacementGroupName
- ＋ ec2:SecurityGroupID
- ＋ ec2:SnapshotID
- ＋ ec2:SubnetID
RequestSpotInstances
- ＋ ec2:ImageID
- ＋ ec2:NetworkInterfaceID
- ＋ ec2:PlacementGroupName
- ＋ ec2:SecurityGroupID
- ＋ ec2:SnapshotID
- ＋ ec2:SubnetID
ResetImageAttribute
- ＋ ec2:ImageID
ResetInstanceAttribute
- ＋ ec2:InstanceID
ResetNetworkInterfaceAttribute
- ＋ ec2:NetworkInterfaceID
ResetSnapshotAttribute
- ＋ ec2:SnapshotID
RestoreSnapshotFromRecycleBin
- ＋ ec2:SnapshotID
RestoreSnapshotTier
- ＋ ec2:SnapshotID
RevokeSecurityGroupEgress
- ＋ ec2:SecurityGroupID
RevokeSecurityGroupIngress
- ＋ ec2:SecurityGroupID
RunInstances
- ＋ ec2:ImageID
- ＋ ec2:InstanceID
- ＋ ec2:NetworkInterfaceID
- ＋ ec2:SecurityGroupID
- ＋ ec2:SubnetID
- ＋ ec2:VolumeID
- ＋ ec2:PlacementGroupName
- ＋ ec2:SnapshotID
- ＋ license-configuration
RunScheduledInstances
- ＋ ec2:ImageID
- ＋ ec2:NetworkInterfaceID
- ＋ ec2:PlacementGroupName
- ＋ ec2:SecurityGroupID
- ＋ ec2:SnapshotID
- ＋ ec2:SubnetID
SendDiagnosticInterrupt
- ＋ ec2:InstanceID
SendSpotInstanceInterruptions
- ＋ ec2:InstanceID
StartInstances
- ＋ ec2:InstanceID
- ＋ license-configuration
StopInstances
- ＋ ec2:InstanceID
TerminateInstances
- ＋ ec2:InstanceID
UnassignIpv6Addresses
- ＋ ec2:NetworkInterfaceID
UnassignPrivateIpAddresses
- ＋ ec2:NetworkInterfaceID
UnmonitorInstances
- ＋ ec2:InstanceID
UpdateSecurityGroupRuleDescriptionsEgress
- ＋ ec2:SecurityGroupID
UpdateSecurityGroupRuleDescriptionsIngress
- ＋ ec2:SecurityGroupID
AcceptReservedInstancesExchangeQuote
- ＋ ec2:Region
AdvertiseByoipCidr
- ＋ ec2:Region
AssociateEnclaveCertificateIamRole
- ＋ ec2:Region
AssociateTrunkInterface
- ＋ ec2:Region
BundleInstance
- ＋ ec2:Region
CancelBundleTask
- ＋ ec2:Region
CancelConversionTask
- ＋ ec2:Region
CancelReservedInstancesListing
- ＋ ec2:Region
ConfirmProductInstance
- ＋ ec2:Region
CreateCoipPoolPermission
- ＋ ec2:Region
CreateDefaultSubnet
- ＋ ec2:Region
CreateDefaultVpc
- ＋ ec2:Region
CreateIpam
- ＋ iam:CreateServiceLinkedRole
CreateReservedInstancesListing
- ＋ ec2:Region
CreateSpotDatafeedSubscription
- ＋ ec2:Region
CreateSubnetCidrReservation
- ＋ ec2:Region
DeleteCoipPoolPermission
- ＋ ec2:Region
DeleteQueuedReservedInstances
- ＋ ec2:Region
DeleteSpotDatafeedSubscription
- ＋ ec2:Region
DeleteSubnetCidrReservation
- ＋ ec2:Region
DeprovisionByoipCidr
- ＋ ec2:Region
DeregisterInstanceEventNotificationAttributes
- ＋ ec2:Region
DescribeAccountAttributes
- ＋ ec2:Region
DescribeAddresses
- ＋ ec2:Region
DescribeAggregateIdFormat
- ＋ ec2:Region
DescribeAvailabilityZones
- ＋ ec2:Region
DescribeBundleTasks
- ＋ ec2:Region
DescribeByoipCidrs
- ＋ ec2:Region
DescribeCapacityReservationFleets
- ＋ ec2:Region
DescribeCapacityReservations
- ＋ ec2:Region
DescribeCarrierGateways
- ＋ ec2:Region
DescribeClassicLinkInstances
- ＋ ec2:Region
DescribeCoipPools
- ＋ ec2:Region
DescribeConversionTasks
- ＋ ec2:Region
DescribeCustomerGateways
- ＋ ec2:Region
DescribeDhcpOptions
- ＋ ec2:Region
DescribeEgressOnlyInternetGateways
- ＋ ec2:Region
DescribeElasticGpus
- ＋ ec2:Region
DescribeExportImageTasks
- ＋ ec2:Region
DescribeExportTasks
- ＋ ec2:Region
DescribeFastSnapshotRestores
- ＋ ec2:Region
DescribeFlowLogs
- ＋ ec2:Region
DescribeFpgaImages
- ＋ ec2:Region
DescribeHostReservationOfferings
- ＋ ec2:Region
DescribeHostReservations
- ＋ ec2:Region
DescribeHosts
- ＋ ec2:Region
DescribeIamInstanceProfileAssociations
- ＋ ec2:Region
DescribeIdFormat
- ＋ ec2:Region
DescribeIdentityIdFormat
- ＋ ec2:Region
DescribeImages
- ＋ ec2:Region
DescribeImportImageTasks
- ＋ ec2:Region
DescribeImportSnapshotTasks
- ＋ ec2:Region
DescribeInstanceCreditSpecifications
- ＋ ec2:Region
DescribeInstanceEventNotificationAttributes
- ＋ ec2:Region
DescribeInstanceEventWindows
- ＋ ec2:Region
DescribeInstanceStatus
- ＋ ec2:Region
DescribeInstanceTypeOfferings
- ＋ ec2:Region
DescribeInstanceTypes
- ＋ ec2:Region
DescribeInstances
- ＋ ec2:Region
DescribeInternetGateways
- ＋ ec2:Region
DescribeIpamPools
- ＋ ec2:Region
DescribeIpamScopes
- ＋ ec2:Region
DescribeIpams
- ＋ ec2:Region
DescribeIpv6Pools
- ＋ ec2:Region
DescribeKeyPairs
- ＋ ec2:Region
DescribeLaunchTemplateVersions
- ＋ ec2:Region
DescribeLaunchTemplates
- ＋ ec2:Region
DescribeLocalGatewayRouteTablePermissions
- ＋ ec2:Region
DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations
- ＋ ec2:Region
DescribeLocalGatewayRouteTableVpcAssociations
- ＋ ec2:Region
DescribeLocalGatewayRouteTables
- ＋ ec2:Region
DescribeLocalGatewayVirtualInterfaceGroups
- ＋ ec2:Region
DescribeLocalGatewayVirtualInterfaces
- ＋ ec2:Region
DescribeLocalGateways
- ＋ ec2:Region
DescribeManagedPrefixLists
- ＋ ec2:Region
DescribeMovingAddresses
- ＋ ec2:Region
DescribeNatGateways
- ＋ ec2:Region
DescribeNetworkAcls
- ＋ ec2:Region
DescribeNetworkInsightsAccessScopeAnalyses
- ＋ ec2:Region
DescribeNetworkInsightsAccessScopes
- ＋ ec2:Region
DescribeNetworkInsightsAnalyses
- ＋ ec2:Region
DescribeNetworkInsightsPaths
- ＋ ec2:Region
DescribeNetworkInterfaceAttribute
- ＋ ec2:Region
DescribeNetworkInterfacePermissions
- ＋ ec2:Region
DescribeNetworkInterfaces
- ＋ ec2:Region
DescribePlacementGroups
- ＋ ec2:Region
DescribePrefixLists
- ＋ ec2:Region
DescribePrincipalIdFormat
- ＋ ec2:Region
DescribePublicIpv4Pools
- ＋ ec2:Region
DescribeRegions
- ＋ ec2:Region
DescribeReplaceRootVolumeTasks
- ＋ ec2:Region
DescribeReservedInstances
- ＋ ec2:Region
DescribeReservedInstancesListings
- ＋ ec2:Region
DescribeReservedInstancesModifications
- ＋ ec2:Region
DescribeReservedInstancesOfferings
- ＋ ec2:Region
DescribeRouteTables
- ＋ ec2:Region
DescribeScheduledInstanceAvailability
- ＋ ec2:Region
DescribeScheduledInstances
- ＋ ec2:Region
DescribeSecurityGroupRules
- ＋ ec2:Region
DescribeSecurityGroups
- ＋ ec2:Region
DescribeSnapshotTierStatus
- ＋ ec2:Region
DescribeSnapshots
- ＋ ec2:Region
DescribeSpotDatafeedSubscription
- ＋ ec2:Region
DescribeSpotFleetInstances
- ＋ spot-fleet-request
- ＋ aws:ResourceTag/${TagKey}
- ＋ ec2:ResourceTag/${TagKey}
- ＋ ec2:Region
DescribeSpotFleetRequestHistory
- ＋ spot-fleet-request
- ＋ aws:ResourceTag/${TagKey}
- ＋ ec2:ResourceTag/${TagKey}
- ＋ ec2:Region
DescribeSpotFleetRequests
- ＋ ec2:Region
DescribeSpotInstanceRequests
- ＋ ec2:Region
DescribeSpotPriceHistory
- ＋ ec2:Region
DescribeSubnets
- ＋ ec2:Region
DescribeTags
- ＋ ec2:Region
DescribeTrafficMirrorFilters
- ＋ ec2:Region
DescribeTrafficMirrorSessions
- ＋ ec2:Region
DescribeTrafficMirrorTargets
- ＋ ec2:Region
DescribeTransitGatewayAttachments
- ＋ ec2:Region
DescribeTransitGatewayConnectPeers
- ＋ ec2:Region
DescribeTransitGatewayConnects
- ＋ ec2:Region
DescribeTransitGatewayMulticastDomains
- ＋ ec2:Region
DescribeTransitGatewayPeeringAttachments
- ＋ ec2:Region
DescribeTransitGatewayRouteTables
- ＋ ec2:Region
DescribeTransitGatewayVpcAttachments
- ＋ ec2:Region
DescribeTransitGateways
- ＋ ec2:Region
DescribeTrunkInterfaceAssociations
- ＋ ec2:Region
DescribeVolumeStatus
- ＋ ec2:Region
DescribeVolumes
- ＋ ec2:Region
DescribeVolumesModifications
- ＋ ec2:Region
DescribeVpcClassicLink
- ＋ ec2:Region
DescribeVpcClassicLinkDnsSupport
- ＋ ec2:Region
DescribeVpcEndpointConnectionNotifications
- ＋ ec2:Region
DescribeVpcEndpointConnections
- ＋ ec2:Region
DescribeVpcEndpointServiceConfigurations
- ＋ ec2:Region
DescribeVpcEndpointServicePermissions
- ＋ ec2:Region
DescribeVpcEndpointServices
- ＋ ec2:Region
DescribeVpcEndpoints
- ＋ ec2:Region
DescribeVpcPeeringConnections
- ＋ ec2:Region
DescribeVpcs
- ＋ ec2:Region
DescribeVpnConnections
- ＋ ec2:Region
DescribeVpnGateways
- ＋ ec2:Region
DisableEbsEncryptionByDefault
- ＋ ec2:Region
DisableIpamOrganizationAdminAccount
- ＋ ec2:Region
DisableSerialConsoleAccess
- ＋ ec2:Region
DisassociateEnclaveCertificateIamRole
- ＋ ec2:Region
DisassociateTrunkInterface
- ＋ ec2:Region
EnableEbsEncryptionByDefault
- ＋ ec2:Region
EnableIpamOrganizationAdminAccount
- ＋ ec2:Region
EnableSerialConsoleAccess
- ＋ ec2:Region
ExportTransitGatewayRoutes
- ＋ ec2:Region
GetAssociatedEnclaveCertificateIamRoles
- ＋ ec2:Region
GetAssociatedIpv6PoolCidrs
- ＋ ec2:Region
GetCoipPoolUsage
- ＋ ec2:Region
GetDefaultCreditSpecification
- ＋ ec2:Region
GetEbsDefaultKmsKeyId
- ＋ ec2:Region
GetEbsEncryptionByDefault
- ＋ ec2:Region
GetHostReservationPurchasePreview
- ＋ ec2:Region
GetInstanceTypesFromInstanceRequirements
- ＋ ec2:Region
GetNetworkInsightsAccessScopeAnalysisFindings
- ＋ ec2:Region
GetNetworkInsightsAccessScopeContent
- ＋ ec2:Region
GetReservedInstancesExchangeQuote
- ＋ ec2:Region
GetSerialConsoleAccessStatus
- ＋ ec2:Region
GetSpotPlacementScores
- ＋ ec2:Region
GetSubnetCidrReservations
- ＋ ec2:Region
GetTransitGatewayAttachmentPropagations
- ＋ ec2:Region
GetTransitGatewayMulticastDomainAssociations
- ＋ ec2:Region
GetTransitGatewayPrefixListReferences
- ＋ ec2:Region
GetTransitGatewayRouteTableAssociations
- ＋ ec2:Region
GetTransitGatewayRouteTablePropagations
- ＋ ec2:Region
GetVpnConnectionDeviceTypes
- ＋ ec2:Region
ModifyAvailabilityZoneGroup
- ＋ ec2:Region
ModifyDefaultCreditSpecification
- ＋ ec2:Region
ModifyEbsDefaultKmsKeyId
- ＋ ec2:Region
ModifyIdFormat
- ＋ ec2:Region
ModifyIdentityIdFormat
- ＋ ec2:Region
MoveAddressToVpc
- ＋ ec2:Region
ProvisionByoipCidr
- ＋ ec2:Region
PurchaseReservedInstancesOffering
- ＋ ec2:Region
PurchaseScheduledInstances
- ＋ ec2:Region
RegisterInstanceEventNotificationAttributes
- ＋ ec2:Region
ReportInstanceStatus
- ＋ ec2:Region
ResetEbsDefaultKmsKeyId
- ＋ ec2:Region
RestoreAddressToClassic
- ＋ ec2:Region
SearchLocalGatewayRoutes
- ＋ ec2:Region
SearchTransitGatewayMulticastGroups
- ＋ ec2:Region
WithdrawByoipCidr
- ＋ ec2:Region

Resources

dhcp-options
- ＋ ec2:DhcpOptionsID
image
- ＋ ec2:ImageID
instance
- ＋ ec2:InstanceID
internet-gateway
- ＋ ec2:InternetGatewayID
network-acl
- ＋ ec2:NetworkAclID
network-interface
- ＋ ec2:NetworkInterfaceID
placement-group
- ＋ ec2:PlacementGroupName
route-table
- ＋ ec2:RouteTableID
security-group
- ＋ ec2:SecurityGroupID
snapshot
- ＋ ec2:SnapshotID
subnet
- ＋ ec2:SubnetID
volume
- ＋ ec2:VolumeID
vpc
- ＋ ec2:VpcID
vpc-peering-connection
- ＋ ec2:VpcPeeringConnectionID

Amazon EC2 (ec2)

Additions

Updates