2021-07-16
          
        2 new actions, 1 new resource | 5 updated actions
  
    
        
          
            Additions
          
              
                Actions
                
                    - 
                        DescribeSecurityGroupRules
                        
 
                              - 
                                Description: 
                                
                                    Grants permission to describe one or more of your security group rules
                                
                              
- 
                                Access: 
                                
                                    List
                                
                              
 
- 
                        ModifySecurityGroupRules
                        
 
                              - 
                                Description: 
                                
                                    Grants permission to modify the rules of a security group
                                
                              
- 
                                Access: 
                                
                                    Write
                                
                              
- 
                                Resources: 
                                
      
        Name: security-group
       
        Required: Yes
       
        Name: prefix-list
       
        Required: No
       
        Name: security-group-rule
       
        Required: No
       
- 
                                Conditions: 
                                
    aws:ResourceTag/${TagKey} ec2:Region ec2:ResourceTag/${TagKey} ec2:Vpc 
 
                Resources
                
                    - 
                        security-group-rule
                        
 
                              - 
                                Arn: 
                                
                                    arn:${Partition}:ec2:${Region}:${Account}:security-group-rule/${SecurityGroupRuleId}
                                
                              
- 
                                Conditions: 
                                
    aws:RequestTag/${TagKey} aws:ResourceTag/${TagKey} aws:TagKeys ec2:Region ec2:ResourceTag/${TagKey} 
 
 
        
          
            Updates
          
              
                Actions
                
                    - 
                        CreateReplaceRootVolumeTask
                        
 
                              Conditions
                              
 
- 
          + aws:RequestTag/${TagKey}
  
- 
          + aws:TagKeys
  
 
- 
                        CreateStoreImageTask
                        
 
                              Conditions
                              
 
- 
          + aws:ResourceTag/${TagKey}
  
- 
          + ec2:ImageType
  
- 
          + ec2:Public
  
- 
          + ec2:ResourceTag/${TagKey}
  
- 
          + ec2:RootDeviceType
  
 
- 
                        EnableImageDeprecation
                        
 
                              Description
                              
 
- 
        Old: Grants permission to enable deprecation of the specified AMI at the specified date and time.
        
 New: Grants permission to enable deprecation of the specified AMI at the specified date and time
 
- 
                        CreateTags
                        
 
                              Resources
                              
 
- 
          
              + security-group-rule
           
 
- 
                        DeleteTags
                        
 
                              Resources
                              
 
- 
          
              + security-group-rule