Amazon EC2 Image Builder (imagebuilder)

Additions

Actions

• CancelLifecycleExecution
  
  • Description:  Grants permission to cancel a lifecycle execution
  • Access:  Write
  • Resources: 

    Name: lifecycleExecution

    Required: Yes

• CreateLifecyclePolicy
  
  • Description:  Grants permission to create a new lifecycle policy
  • Access:  Write
  • Resources: 

    Name: lifecyclePolicy

    Required: Yes

  • Conditions: 

    aws:RequestTag/${TagKey}

    aws:TagKeys

    imagebuilder:LifecyclePolicyResourceType

  • Dependents: 

    iam:PassRole

    imagebuilder:TagResource

• DeleteLifecyclePolicy
  
  • Description:  Grants permission to delete a lifecycle policy
  • Access:  Write
  • Resources: 

    Name: lifecyclePolicy

    Required: Yes

• GetLifecycleExecution
  
  • Description:  Grants permission to view details about a lifecycle execution
  • Access:  Read
  • Resources: 

    Name: lifecycleExecution

    Required: Yes

• GetLifecyclePolicy
  
  • Description:  Grants permission to view details about a lifecycle policy
  • Access:  Read
  • Resources: 

    Name: lifecyclePolicy

    Required: Yes

• ListLifecycleExecutionResources
  
  • Description:  Grants permission to list resources for the specified lifecycle execution
  • Access:  List
  • Resources: 

    Name: lifecycleExecution

    Required: Yes

• ListLifecycleExecutions
  
  • Description:  Grants permission to list lifecycle executions for the specified resource
  • Access:  List
  • Resources: 

    Name: image

    Required: No

    Name: lifecyclePolicy

    Required: No

• ListLifecyclePolicies
  
  • Description:  Grants permission to list the lifecycle policies in your account
  • Access:  List
• StartResourceStateUpdate
  
  • Description:  Grants permission to start a state update for the specified resource
  • Access:  Write
  • Resources: 

    Name: image

    Required: Yes

• UpdateLifecyclePolicy
  
  • Description:  Grants permission to update an existing lifecycle policy
  • Access:  Write
  • Resources: 

    Name: lifecyclePolicy

    Required: Yes

  • Conditions: 

    imagebuilder:LifecyclePolicyResourceType

  • Dependents: 

    iam:PassRole

Resources

• lifecycleExecution
  
  • Arn:  arn:${Partition}:imagebuilder:${Region}:${Account}:lifecycle-execution/${LifecycleExecutionId}
• lifecyclePolicy
  
  • Arn:  arn:${Partition}:imagebuilder:${Region}:${Account}:lifecycle-policy/${LifecyclePolicyName}
  • Conditions: 

    aws:ResourceTag/${TagKey}

Conditions

• imagebuilder:LifecyclePolicyResourceType
  
  • Description:  Filters access by the Lifecycle Policy Resource Type specified in the request
  • Type:  String

Updates

Actions

• ListTagsForResource
  
  Resources
  
  • ＋ lifecyclePolicy
• TagResource
  
  Resources
  
  • ＋ lifecyclePolicy
• UntagResource
  
  Resources
  
  • ＋ lifecyclePolicy