Amazon EC2 (ec2)

2023-06-22

3 new actions, 1 new resource | 2 updated actions

Additions

    Actions
  • CreateInstanceConnectEndpoint
    • Description: Grants permission to create an EC2 Instance Connect Endpoint that allows you to connect to an instance without a public IPv4 address
    • Access: Write
    • Resources:
      • Name: instance-connect-endpoint, Required: Yes
      • Name: subnet, Required: Yes
      • Name: security-group, Required: No
    • Conditions:
      • ec2:SubnetID
      • aws:ResourceTag/${TagKey}
      • ec2:AvailabilityZone
      • ec2:ResourceTag/${TagKey}
      • ec2:Vpc
      • ec2:SecurityGroupID
      • aws:RequestTag/${TagKey}
      • aws:TagKeys
      • ec2:Region
    • Dependents:
      • ec2:CreateTags

  • DeleteInstanceConnectEndpoint
    • Description: Grants permission to delete an EC2 Instance Connect Endpoint
    • Access: Write
    • Resources:
      • Name: instance-connect-endpoint, Required: Yes
    • Conditions:
      • aws:ResourceTag/${TagKey}
      • ec2:ResourceTag/${TagKey}
      • ec2:SubnetID
      • ec2:Region

  • DescribeInstanceConnectEndpoints
    • Description: Grants permission to describe EC2 Instance Connect Endpoints
    • Access: List
    • Conditions:
      • ec2:Region

    Resources
  • instance-connect-endpoint
    • Arn: arn:${Partition}:ec2:${Region}:${Account}:instance-connect-endpoint/${InstanceConnectEndpointId}
    • Conditions:
      • aws:RequestTag/${TagKey}
      • aws:ResourceTag/${TagKey}
      • aws:TagKeys
      • ec2:Attribute
      • ec2:Attribute/${AttributeName}
      • ec2:Region
      • ec2:ResourceTag/${TagKey}
      • ec2:SubnetID

Updates

    Actions
  • CreateTags
      Resources
    • + instance-connect-endpoint
  • DeleteTags
      Resources
    • + instance-connect-endpoint