Amazon Macie (macie2)

Additions

Actions

• CreateAllowList
  
  • Description:  Grants permission to create and define the settings for an allow list
  • Access:  Write
  • Conditions: 

    aws:RequestTag/${TagKey}

    aws:TagKeys

• DeleteAllowList
  
  • Description:  Grants permission to delete an allow list
  • Access:  Write
  • Resources: 

    Name: AllowList

    Required: Yes

• GetAllowList
  
  • Description:  Grants permission to retrieve the settings and status of an allow list
  • Access:  Read
  • Resources: 

    Name: AllowList

    Required: Yes

• ListAllowLists
  
  • Description:  Grants permission to retrieve a subset of information about all the allow lists for an account
  • Access:  List
• UpdateAllowList
  
  • Description:  Grants permission to update the settings for an allow list
  • Access:  Write
  • Resources: 

    Name: AllowList

    Required: Yes

Resources

• AllowList
  
  • Arn:  arn:${Partition}:macie2:${Region}:${Account}:allow-list/${ResourceId}
  • Conditions: 

    aws:ResourceTag/${TagKey}

Updates

Actions

• ListTagsForResource
  
  Resources
  
  • ＋ AllowList
• TagResource
  
  Resources
  
  • ＋ AllowList
• UntagResource
  
  Resources
  
  • ＋ AllowList