Amazon FSx (fsx)

2022-10-04

4 new actions, 1 new resource, 2 new conditions | 1 updated resource, 3 updated actions

Additions

    Actions
  • CreateFileCache
    • Description:  Grants permission to create a new, empty, Amazon file cache
    • Access:  Write
    • Resources: 

      Name: file-cache

      Required: Yes

      Name: association

      Required: No

    • Conditions: 

      fsx:NfsDataRepositoryEncryptionInTransitEnabled

      fsx:NfsDataRepositoryAuthenticationEnabled

      aws:RequestTag/${TagKey}

      aws:TagKeys
    • Dependents: 

      ec2:DescribeSecurityGroups

      ec2:DescribeSubnets

      ec2:DescribeVpcs

      fsx:CreateDataRepositoryAssociation

      fsx:TagResource

      logs:CreateLogGroup

      logs:CreateLogStream

      logs:PutLogEvents

      s3:ListBucket
  • DeleteFileCache
    • Description:  Grants permission to delete a file cache, deleting its contents
    • Access:  Write
    • Resources: 

      Name: file-cache

      Required: Yes

      Name: association

      Required: No

    • Conditions: 

      aws:RequestTag/${TagKey}

      aws:TagKeys
    • Dependents: 

      fsx:DeleteDataRepositoryAssociation
  • DescribeFileCaches
    • Description:  Grants permission to return the descriptions of all file caches owned by your AWS account in the AWS Region of the endpoint that you're calling
    • Access:  Read
  • UpdateFileCache
    • Description:  Grants permission to update file cache configuration
    • Access:  Write
    • Resources: 

      Name: file-cache

      Required: Yes

    Resources
  • file-cache
    • Arn:  arn:${Partition}:fsx:${Region}:${Account}:file-cache/${FileCacheId}
    • Conditions: 

      aws:ResourceTag/${TagKey}

Updates

    Resources
  • association
      Arn
    • Old: arn:${Partition}:fsx:${Region}:${Account}:association/${FileSystemId}/${DataRepositoryAssociationId}
      New: arn:${Partition}:fsx:${Region}:${Account}:association/${FileSystemIdOrFileCacheId}/${DataRepositoryAssociationId}