Change log of AWS IAM permissions

2022-11-02

5 new actions, 1 new resource, 3 new conditions | 2 updated actions

Actions

CreateVpcIngressConnection
- Description: Grants permission to create an AWS App Runner VpcIngressConnection resource
- Access: Write
- Resources:
  Name: vpcingressconnection
  
  Required: Yes
- Conditions:
  aws:RequestTag/${TagKey}
  
  aws:TagKeys
  
  apprunner:ServiceArn
  
  apprunner:VpcId
  
  apprunner:VpcEndpointId
DeleteVpcIngressConnection
- Description: Grants permission to delete an AWS App Runner VpcIngressConnection resource
- Access: Write
- Resources:
  Name: vpcingressconnection
  
  Required: Yes
DescribeVpcIngressConnection
- Description: Grants permission to retrieve the description of an AWS App Runner VpcIngressConnection resource
- Access: Read
- Resources:
  Name: vpcingressconnection
  
  Required: Yes
ListVpcIngressConnections
- Description: Grants permission to retrieve a list of AWS App Runner VpcIngressConnections in your AWS account
- Access: List
UpdateVpcIngressConnection
- Description: Grants permission to update an AWS App Runner VpcIngressConnection resource
- Access: Write
- Resources:
  Name: vpcingressconnection
  
  Required: Yes
- Conditions:
  apprunner:VpcId
  
  apprunner:VpcEndpointId

Resources

vpcingressconnection
- Arn: arn:${Partition}:apprunner:${Region}:${Account}:vpcingressconnection/${VpcIngressConnectionName}/${VpcIngressConnectionId}
- Conditions:
  aws:ResourceTag/${TagKey}

Conditions

apprunner:ServiceArn
- Description: Filters access by the CreateVpcIngressConnection action based on the ARN of an associated Service resource
- Type: ARN
apprunner:VpcEndpointId
- Description: Filters access by the CreateVpcIngressConnection and UpdateVpcIngressConnection actions based on the VPC Endpoint in the request
- Type: String
apprunner:VpcId
- Description: Filters access by the CreateVpcIngressConnection and UpdateVpcIngressConnection actions based on the VPC in the request
- Type: String

Actions

AWS App Runner (apprunner)