Amazon CodeGuru Security (codeguru-security)

2023-06-13

5 new actions, 3 new conditions | 3 updated actions, 1 updated resource

Additions

    Actions
  • GetMetricsSummary
    • Description:  Grants permission to retrieve AWS accout level metrics summary generated by CodeGuru Security
    • Access:  Read
  • ListFindingsMetrics
    • Description:  Grants permission to retrieve a list of account level findings metrics within a date range
    • Access:  List
  • ListTagsForResource
    • Description:  Grants permission to retrieve a list of tags for a scan name ARN
    • Access:  Read
    • Resources: 

      Name: ScanName

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • TagResource
    • Description:  Grants permission to add tags to a scan name ARN
    • Access:  Tagging
    • Resources: 

      Name: ScanName

      Required: Yes
    • Conditions: 

      aws:TagKeys

      aws:RequestTag/${TagKey}
  • UntagResource
    • Description:  Grants permission to remove tags from a scan name ARN
    • Access:  Tagging
    • Resources: 

      Name: ScanName

      Required: Yes
    • Conditions: 

      aws:TagKeys
    Conditions
  • aws:RequestTag/${TagKey}
    • Description:  Filters access by the tags that are passed in the request
    • Type:  String
  • aws:ResourceTag/${TagKey}
    • Description:  Filters access by the tags associated with the resource
    • Type:  String
  • aws:TagKeys
    • Description:  Filters access by the tag keys that are passed in the request
    • Type:  ArrayOfString

Updates

    Actions
  • BatchGetFindings
      Resources
    • + ScanName
  • CreateScan
      Conditions
    • + aws:TagKeys
    • + aws:RequestTag/${TagKey}
  • GetScan
      Conditions
    • + aws:ResourceTag/${TagKey}
    Resources
  • ScanName
      Conditions
    • + aws:ResourceTag/${TagKey}