Amazon Security Lake
(securitylake)
IAM Changes
Services
2023-07-22
2023-07-22
3 new actions, 3 new conditions | 2 updated actions, 2 updated resources
Additions
Actions
ListTagsForResource
Description:
Grants permission to list all tags for the resource
Access:
List
Resources:
Name: data-lake
Required: No
Name: subscriber
Required: No
TagResource
Description:
Grants permission to add tags to the resource
Access:
Tagging
Resources:
Name: data-lake
Required: No
Name: subscriber
Required: No
Conditions:
aws:RequestTag/${TagKey}
aws:TagKeys
UntagResource
Description:
Grants permission to remove tags from the resource
Access:
Tagging
Resources:
Name: data-lake
Required: No
Name: subscriber
Required: No
Conditions:
aws:TagKeys
Conditions
aws:RequestTag/${TagKey}
Description:
Filters access by tags that are passed in the request
Type:
String
aws:ResourceTag/${TagKey}
Description:
Filters access by a tag key and value pair of a resource
Type:
String
aws:TagKeys
Description:
Filters access by tag keys that are passed in the request
Type:
ArrayOfString
Updates
Actions
CreateDataLake
Conditions
+ aws:RequestTag/${TagKey}
+ aws:TagKeys
CreateSubscriber
Conditions
+ aws:RequestTag/${TagKey}
+ aws:TagKeys
Resources
data-lake
Conditions
+ aws:RequestTag/${TagKey}
+ aws:ResourceTag/${TagKey}
subscriber
Conditions
+ aws:RequestTag/${TagKey}
+ aws:ResourceTag/${TagKey}