AWS Resource Access Manager (RAM) (ram)

2023-04-22

9 new actions, 1 new condition | 7 updated actions, 1 updated resource

Additions

    Actions
  • CreatePermission
    • Description:  Grants permission to create a Permission that can be associated to a Resource Share
    • Access:  Write
    • Conditions: 

      ram:PermissionArn

      ram:PermissionResourceType

      aws:ResourceTag/${TagKey}

      aws:RequestTag/${TagKey}

      aws:TagKeys
    • Dependents: 

      ram:TagResource
  • CreatePermissionVersion
    • Description:  Grants permission to create a new version of a Permission that can be associated to a Resource Share
    • Access:  Write
    • Resources: 

      Name: permission

      Required: Yes

    • Conditions: 

      ram:PermissionArn

      ram:PermissionResourceType
  • DeletePermission
    • Description:  Grants permission to delete a specified Permission
    • Access:  Write
    • Resources: 

      Name: permission

      Required: Yes

    • Conditions: 

      aws:ResourceTag/${TagKey}

      ram:PermissionArn

      ram:PermissionResourceType
  • DeletePermissionVersion
    • Description:  Grants permission to delete a specified version of a permission
    • Access:  Write
    • Resources: 

      Name: permission

      Required: Yes

    • Conditions: 

      ram:PermissionArn

      ram:PermissionResourceType
  • ListPermissionAssociations
    • Description:  Grants permission to list information about the managed permission and any associations
    • Access:  List
    • Resources: 

      Name: permission

      Required: Yes

    • Conditions: 

      ram:PermissionArn

      ram:PermissionResourceType
  • ListReplacePermissionAssociationsWork
    • Description:  Grants permission to retrieve the status of the asynchronous permission replacement
    • Access:  List
    • Resources: 

      Name: permission

      Required: Yes

  • PromotePermissionCreatedFromPolicy
    • Description:  Grants permission to create a separate, fully manageable customer managed permission
    • Access:  Write
    • Resources: 

      Name: permission

      Required: Yes

    • Conditions: 

      ram:PermissionArn

      ram:PermissionResourceType
  • ReplacePermissionAssociations
    • Description:  Grants permission to update all resource shares to a new managed permission
    • Access:  Write
    • Resources: 

      Name: permission

      Required: Yes

    • Conditions: 

      ram:PermissionArn

      ram:PermissionResourceType
  • SetDefaultPermissionVersion
    • Description:  Grants permission to specify a version number as the default version for the respective customer managed permission
    • Access:  Write
    • Resources: 

      Name: permission

      Required: Yes

    • Conditions: 

      ram:PermissionArn

      ram:PermissionResourceType
    Conditions
  • ram:ResourceTag/${TagKey}
    • Description:  Filters access based on the tags associated with the resource
    • Type:  String

Updates

    Resources
  • permission
      Conditions
    • + aws:ResourceTag/${TagKey}