2022-10-08
8 new actions, 3 new resources | 7 updated actions | 1 removed condition
Additions
Actions
-
CreateCoipCidr
-
Description:
Grants permission to create a range of customer-owned IP (CoIP) addresses
-
Access:
Write
-
Resources:
Name: coip-pool
Required: Yes
-
Conditions:
aws:ResourceTag/${TagKey}
ec2:ResourceTag/${TagKey}
ec2:Region
-
CreateCoipPool
-
Description:
Grants permission to create a pool of customer-owned IP (CoIP) addresses
-
Access:
Write
-
Resources:
Name: local-gateway-route-table
Required: Yes
-
Conditions:
aws:ResourceTag/${TagKey}
ec2:ResourceTag/${TagKey}
ec2:Region
-
Dependents:
ec2:CreateTags
-
CreateLocalGatewayRouteTable
-
Description:
Grants permission to create a local gateway route table
-
Access:
Write
-
Resources:
Name: local-gateway
Required: Yes
Name: local-gateway-route-table
Required: Yes
-
Conditions:
aws:ResourceTag/${TagKey}
ec2:ResourceTag/${TagKey}
aws:RequestTag/${TagKey}
aws:TagKeys
ec2:Region
-
Dependents:
ec2:CreateTags
-
CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation
-
Description:
Grants permission to create a local gateway route table virtual interface group association
-
Access:
Write
-
Resources:
Name: local-gateway-route-table
Required: Yes
Name: local-gateway-route-table-virtual-interface-group-association
Required: Yes
Name: local-gateway-virtual-interface-group
Required: Yes
-
Conditions:
aws:ResourceTag/${TagKey}
ec2:ResourceTag/${TagKey}
aws:RequestTag/${TagKey}
aws:TagKeys
ec2:Region
-
Dependents:
ec2:CreateTags
-
DeleteCoipCidr
-
Description:
Grants permission to delete a range of customer-owned IP (CoIP) addresses
-
Access:
Write
-
Resources:
Name: coip-pool
Required: Yes
-
Conditions:
aws:ResourceTag/${TagKey}
ec2:ResourceTag/${TagKey}
ec2:Region
-
DeleteCoipPool
-
Description:
Grants permission to delete a pool of customer-owned IP (CoIP) addresses
-
Access:
Write
-
Resources:
Name: coip-pool
Required: Yes
-
Conditions:
aws:ResourceTag/${TagKey}
ec2:ResourceTag/${TagKey}
ec2:Region
-
DeleteLocalGatewayRouteTable
-
Description:
Grants permission to delete a local gateway route table
-
Access:
Write
-
Resources:
Name: local-gateway-route-table
Required: Yes
-
Conditions:
aws:ResourceTag/${TagKey}
ec2:ResourceTag/${TagKey}
ec2:Region
-
DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation
-
Description:
Grants permission to delete a local gateway route table virtual interface group association
-
Access:
Write
-
Resources:
Name: local-gateway-route-table-virtual-interface-group-association
Required: Yes
-
Conditions:
aws:ResourceTag/${TagKey}
ec2:ResourceTag/${TagKey}
ec2:Region
Resources
-
coip-pool
-
Arn:
arn:${Partition}:ec2:${Region}:${Account}:coip-pool/${Ipv4PoolCoipId}
-
Conditions:
aws:RequestTag/${TagKey}
aws:ResourceTag/${TagKey}
aws:TagKeys
ec2:Region
ec2:ResourceTag/${TagKey}
-
vpc-endpoint-connection
-
Arn:
arn:${Partition}:ec2:${Region}:${Account}:vpc-endpoint-connection/${VpcEndpointConnectionId}
-
Conditions:
aws:RequestTag/${TagKey}
aws:ResourceTag/${TagKey}
aws:TagKeys
ec2:Region
ec2:ResourceTag/${TagKey}
-
vpc-endpoint-service-permission
-
Arn:
arn:${Partition}:ec2:${Region}:${Account}:vpc-endpoint-service-permission/${VpcEndpointServicePermissionId}
-
Conditions:
aws:RequestTag/${TagKey}
aws:ResourceTag/${TagKey}
aws:TagKeys
ec2:Region
ec2:ResourceTag/${TagKey}
Deletions
Conditions
-
ec2:ResourceTag/
-
Description:
Filters access by the preface string for a tag key and value pair that are attached to a resource
-
Type:
String