Change log of AWS IAM permissions

2024-04-30

7 new conditions | 54 updated actions, 7 updated resources

Additions

Conditions

ec2:transitGatewayAttachmentId
- Description: Filters access by the ID of a transit gateway attachment
- Type: String
ec2:transitGatewayConnectPeerId
- Description: Filters access by the ID of a transit gateway connect peer
- Type: String
ec2:transitGatewayId
- Description: Filters access by the ID of a transit gateway
- Type: String
ec2:transitGatewayMulticastDomainId
- Description: Filters access by the ID of a transit gateway multicast domain
- Type: String
ec2:transitGatewayPolicyTableId
- Description: Filters access by the ID of a transit gateway policy table
- Type: String
ec2:transitGatewayRouteTableAnnouncementId
- Description: Filters access by the ID of a transit gateway route table announcement
- Type: String
ec2:transitGatewayRouteTableId
- Description: Filters access by the ID of a transit gateway route table
- Type: String

Updates

Actions

AcceptTransitGatewayMulticastDomainAssociations
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayMulticastDomainId
AcceptTransitGatewayPeeringAttachment
- ＋ ec2:transitGatewayAttachmentId
AcceptTransitGatewayVpcAttachment
- ＋ ec2:transitGatewayAttachmentId
AssociateTransitGatewayMulticastDomain
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayMulticastDomainId
AssociateTransitGatewayPolicyTable
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayPolicyTableId
AssociateTransitGatewayRouteTable
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayRouteTableId
CreateFlowLogs
- ＋ ec2:transitGatewayId
- ＋ ec2:transitGatewayAttachmentId
CreateNetworkInsightsPath
- ＋ ec2:transitGatewayId
CreateTags
- ＋ ec2:transitGatewayId
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayConnectPeerId
- ＋ ec2:transitGatewayMulticastDomainId
- ＋ ec2:transitGatewayPolicyTableId
- ＋ ec2:transitGatewayRouteTableId
- ＋ ec2:transitGatewayRouteTableAnnouncementId
CreateTransitGateway
- ＋ ec2:transitGatewayId
CreateTransitGatewayConnect
- ＋ ec2:transitGatewayAttachmentId
CreateTransitGatewayConnectPeer
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayConnectPeerId
CreateTransitGatewayMulticastDomain
- ＋ ec2:transitGatewayId
- ＋ ec2:transitGatewayMulticastDomainId
CreateTransitGatewayPeeringAttachment
- ＋ ec2:transitGatewayId
- ＋ ec2:transitGatewayAttachmentId
CreateTransitGatewayPolicyTable
- ＋ ec2:transitGatewayId
- ＋ ec2:transitGatewayPolicyTableId
CreateTransitGatewayPrefixListReference
- ＋ ec2:transitGatewayRouteTableId
- ＋ ec2:transitGatewayAttachmentId
CreateTransitGatewayRoute
- ＋ ec2:transitGatewayRouteTableId
- ＋ ec2:transitGatewayAttachmentId
CreateTransitGatewayRouteTable
- ＋ ec2:transitGatewayId
- ＋ ec2:transitGatewayRouteTableId
CreateTransitGatewayRouteTableAnnouncement
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayRouteTableId
- ＋ ec2:transitGatewayRouteTableAnnouncementId
CreateTransitGatewayVpcAttachment
- ＋ ec2:transitGatewayId
- ＋ ec2:transitGatewayAttachmentId
CreateVpnConnection
- ＋ ec2:transitGatewayId
- ＋ ec2:transitGatewayAttachmentId
DeleteTransitGateway
- ＋ ec2:transitGatewayId
DeleteTransitGatewayConnect
- ＋ ec2:transitGatewayAttachmentId
DeleteTransitGatewayConnectPeer
- ＋ ec2:transitGatewayConnectPeerId
DeleteTransitGatewayMulticastDomain
- ＋ ec2:transitGatewayMulticastDomainId
DeleteTransitGatewayPeeringAttachment
- ＋ ec2:transitGatewayAttachmentId
DeleteTransitGatewayPolicyTable
- ＋ ec2:transitGatewayPolicyTableId
DeleteTransitGatewayPrefixListReference
- ＋ ec2:transitGatewayRouteTableId
DeleteTransitGatewayRoute
- ＋ ec2:transitGatewayRouteTableId
DeleteTransitGatewayRouteTable
- ＋ ec2:transitGatewayRouteTableId
DeleteTransitGatewayRouteTableAnnouncement
- ＋ ec2:transitGatewayRouteTableAnnouncementId
DeleteTransitGatewayVpcAttachment
- ＋ ec2:transitGatewayAttachmentId
DeregisterTransitGatewayMulticastGroupMembers
- ＋ ec2:transitGatewayMulticastDomainId
DeregisterTransitGatewayMulticastGroupSources
- ＋ ec2:transitGatewayMulticastDomainId
DisableTransitGatewayRouteTablePropagation
- ＋ ec2:transitGatewayRouteTableId
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayRouteTableAnnouncementId
DisassociateTransitGatewayMulticastDomain
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayMulticastDomainId
DisassociateTransitGatewayPolicyTable
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayPolicyTableId
DisassociateTransitGatewayRouteTable
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayRouteTableId
EnableTransitGatewayRouteTablePropagation
- ＋ ec2:transitGatewayRouteTableId
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayRouteTableAnnouncementId
GetTransitGatewayMulticastDomainAssociations
- ＋ ec2:transitGatewayMulticastDomainId
GetTransitGatewayPolicyTableAssociations
- ＋ ec2:transitGatewayPolicyTableId
GetTransitGatewayPolicyTableEntries
- ＋ ec2:transitGatewayPolicyTableId
ModifyTransitGateway
- ＋ ec2:transitGatewayId
- ＋ ec2:transitGatewayRouteTableId
ModifyTransitGatewayPrefixListReference
- ＋ ec2:transitGatewayRouteTableId
- ＋ ec2:transitGatewayAttachmentId
ModifyTransitGatewayVpcAttachment
- ＋ ec2:transitGatewayAttachmentId
RegisterTransitGatewayMulticastGroupMembers
- ＋ ec2:transitGatewayMulticastDomainId
RegisterTransitGatewayMulticastGroupSources
- ＋ ec2:transitGatewayMulticastDomainId
RejectTransitGatewayMulticastDomainAssociations
- ＋ ec2:transitGatewayAttachmentId
- ＋ ec2:transitGatewayMulticastDomainId
RejectTransitGatewayPeeringAttachment
- ＋ ec2:transitGatewayAttachmentId
RejectTransitGatewayVpcAttachment
- ＋ ec2:transitGatewayAttachmentId
ReplaceTransitGatewayRoute
- ＋ ec2:transitGatewayRouteTableId
- ＋ ec2:transitGatewayAttachmentId
RequestSpotFleet
- ＋ aws:RequestTag/${TagKey}
- ＋ aws:TagKeys
- ＋ ec2:CreateTags
SearchTransitGatewayMulticastGroups
- ＋ ec2:transitGatewayMulticastDomainId
SearchTransitGatewayRoutes
- ＋ ec2:transitGatewayRouteTableId

Resources

transit-gateway-attachment
- ＋ ec2:transitGatewayAttachmentId
transit-gateway-connect-peer
- ＋ ec2:transitGatewayConnectPeerId
transit-gateway
- ＋ ec2:transitGatewayId
transit-gateway-multicast-domain
- ＋ ec2:transitGatewayMulticastDomainId
transit-gateway-policy-table
- ＋ ec2:transitGatewayPolicyTableId
transit-gateway-route-table-announcement
- ＋ ec2:transitGatewayRouteTableAnnouncementId
transit-gateway-route-table
- ＋ ec2:transitGatewayRouteTableId

Amazon EC2 (ec2)

Additions

Updates