Amazon EC2 (ec2)

2024-08-13

3 new actions, 1 new resource, 1 new condition | 48 updated actions, 1 updated resource

Additions

    Actions
  • CreateIpamExternalResourceVerificationToken
    • Description:  Grants permission to create a verification token, which proves ownership of an external resource
    • Access:  Write
    • Resources: 

      Name: ipam

      Required: Yes

      Name: ipam-external-resource-verification-token

      Required: Yes

    • Conditions: 

      aws:ResourceTag/${TagKey}

      ec2:ResourceTag/${TagKey}

      aws:RequestTag/${TagKey}

      aws:TagKeys

      ec2:Region

    • Dependents: 

      ec2:CreateTags

  • DeleteIpamExternalResourceVerificationToken
    • Description:  Grants permission to delete a verification token, which proves ownership of an external resource
    • Access:  Write
    • Resources: 

      Name: ipam-external-resource-verification-token

      Required: Yes

    • Conditions: 

      aws:ResourceTag/${TagKey}

      ec2:ResourceTag/${TagKey}

      ec2:Region

  • DescribeIpamExternalResourceVerificationTokens
    • Description:  Grants permission to describe verification tokens, which proves ownership of an external resource
    • Access:  List
    • Conditions: 

      ec2:Region

    Resources
  • ipam-external-resource-verification-token
    • Arn:  arn:${Partition}:ec2::${Account}:ipam-external-resource-verification-token/${IpamExternalResourceVerificationTokenId}
    • Conditions: 

      aws:RequestTag/${TagKey}

      aws:ResourceTag/${TagKey}

      aws:TagKeys

      ec2:Attribute

      ec2:Attribute/${AttributeName}

      ec2:Region

      ec2:ResourceTag/${TagKey}

    Conditions
  • ec2:CpuOptionsAmdSevSnp
    • Description:  Filters access by the state of AMD SEV-SNP CPU Options. Currently, only US East (Ohio) and Europe (Ireland) are supported
    • Type:  String

Updates

    Resources
  • instance
      Conditions
    • + ec2:CpuOptionsAmdSevSnp