AWS Network Firewall (network-firewall)

2025-05-28

5 new actions, 1 new resource | 6 updated actions

Additions

Actions

CreateVpcEndpointAssociation
- Description: Grants permission to create an AWS Network Firewall vpc endpoint association
- Access: Write
- Resources:
  Name: Firewall
  
  Required: Yes
  
  Name: VpcEndpointAssociation
  
  Required: Yes
- Conditions:
  aws:RequestTag/${TagKey}
  
  aws:TagKeys
- Dependents:
  iam:CreateServiceLinkedRole
DeleteVpcEndpointAssociation
- Description: Grants permission to delete a vpc endpoint association
- Access: Write
- Resources:
  Name: VpcEndpointAssociation
  
  Required: Yes
DescribeFirewallMetadata
- Description: Grants permission to retrieve the high-level information about a firewall
- Access: Read
- Resources:
  Name: Firewall
  
  Required: Yes
DescribeVpcEndpointAssociation
- Description: Grants permission to retrieve the data objects that define a vpc endpoint association
- Access: Read
- Resources:
  Name: VpcEndpointAssociation
  
  Required: Yes
ListVpcEndpointAssociations
- Description: Grants permission to retrieve the metadata for vpc endpoint associations
- Access: List
- Resources:
  Name: VpcEndpointAssociation
  
  Required: Yes

Resources

VpcEndpointAssociation
- Arn: arn:${Partition}:network-firewall:${Region}:${Account}:vpc-endpoint-association/${Name}
- Conditions:
  aws:ResourceTag/${TagKey}

Updates

Actions

DeleteRuleGroup
- ＋ Firewall
DescribeTLSInspectionConfiguration
- ＋ Firewall
StartFlowFlush
- ＋ VpcEndpointAssociation
UntagResource
- ＋ Firewall
UpdateFirewallEncryptionConfiguration
- ＋ VpcEndpointAssociation
UpdateFirewallPolicy
- ＋ VpcEndpointAssociation