Change log of AWS IAM permissions

2022-07-15

7 new actions, 1 new resource, 1 new condition | 3 updated actions

Actions

CreateTransitGatewayPeering
- Description: Grants permission to create a Transit Gateway peering
- Access: Write
- Resources:
  Name: core-network
  
  Required: Yes
- Conditions:
  aws:RequestTag/${TagKey}
  
  aws:TagKeys
  
  networkmanager:tgwArn
CreateTransitGatewayRouteTableAttachment
- Description: Grants permission to create a TGW RTB attachment
- Access: Write
- Resources:
  Name: peering
  
  Required: Yes
- Conditions:
  aws:RequestTag/${TagKey}
  
  aws:TagKeys
  
  networkmanager:tgwRtbArn
DeletePeering
- Description: Grants permission to delete a peering
- Access: Write
- Resources:
  Name: peering
  
  Required: Yes
GetCoreNetworkChangeEvents
- Description: Grants permission to retrieve a list of core network change events
- Access: Read
- Resources:
  Name: core-network
  
  Required: Yes
GetTransitGatewayPeering
- Description: Grants permission to retrieve a Transit Gateway peering
- Access: Read
- Resources:
  Name: peering
  
  Required: Yes
GetTransitGatewayRouteTableAttachment
- Description: Grants permission to retrieve a TGW RTB attachment
- Access: Read
- Resources:
  Name: attachment
  
  Required: Yes
ListPeerings
- Description: Grants permission to describe peerings
- Access: List

Resources

peering
- Arn: arn:${Partition}:networkmanager::${Account}:peering/${ResourceId}
- Conditions:
  aws:ResourceTag/${TagKey}

Conditions

networkmanager:tgwRtbArn
- Description: Filters access by which Transit Gateway Route Table can be used to create an attachment
- Type: String

Actions

AWS Network Manager (networkmanager)