2025-11-06
10 new actions, 1 new resource, 3 new conditions | 30 updated actions, 3 updated resources | 3 removed conditions
Additions
Actions
-
CopyVolumes
-
Description:
Grants permission to create a copy of an EBS volume. Resource-level permissions specified for this action apply to the source and copied volume. Condition keys for the copied volume correspond to parameters specified in the CopyVolumes API request
-
Access:
Write
-
Resources:
Name: volume
Required: Yes
-
Conditions:
aws:RequestTag/${TagKey}
aws:TagKeys
ec2:AvailabilityZone
ec2:AvailabilityZoneId
ec2:Encrypted
ec2:ManagedResourceOperator
ec2:ParentSnapshot
ec2:ParentVolume
ec2:VolumeInitializationRate
ec2:VolumeIops
ec2:VolumeSize
ec2:VolumeThroughput
ec2:VolumeType
ec2:Region
-
Dependents:
ec2:CreateTags
-
CreateCapacityManagerDataExport
-
Description:
Grants permission to create a new S3 Data Export for Capacity Manager
-
Access:
Write
-
Resources:
Name: capacity-manager-data-export
Required: Yes
-
Conditions:
aws:RequestTag/${TagKey}
aws:TagKeys
ec2:Region
-
Dependents:
ec2:CreateTags
-
DeleteCapacityManagerDataExport
-
Description:
Grants permission to delete an existing Capacity Manager data export configuration
-
Access:
Write
-
Resources:
Name: capacity-manager-data-export
Required: Yes
-
Conditions:
aws:ResourceTag/${TagKey}
ec2:ResourceTag/${TagKey}
ec2:Region
-
DescribeCapacityManagerDataExports
-
Description:
Grants permission to describe one or more Capacity Manager data export configurations
-
Access:
List
-
Conditions:
ec2:Region
-
DisableCapacityManager
-
Description:
Grants permission to disable EC2 Capacity Manager for your account
-
Access:
Write
-
Conditions:
ec2:Region
-
EnableCapacityManager
-
Description:
Grants permission to enable EC2 Capacity Manager for your account
-
Access:
Write
-
Conditions:
ec2:Region
-
GetCapacityManagerAttributes
-
Description:
Grants permission to retrieve the current configuration and status of EC2 Capacity Manager
-
Access:
Read
-
Conditions:
ec2:Region
-
GetCapacityManagerMetricData
-
Description:
Grants permission to retrieve capacity usage metrics for your EC2 resources
-
Access:
Read
-
Conditions:
ec2:Region
-
GetCapacityManagerMetricDimensions
-
Description:
Grants permission to retrieve the available dimension values for capacity metrics within a specified time range
-
Access:
Read
-
Conditions:
ec2:Region
-
UpdateCapacityManagerOrganizationsAccess
-
Description:
Grants permission to update the Organizations access setting for EC2 Capacity Manager
-
Access:
Write
-
Conditions:
ec2:Region
Resources
-
capacity-manager-data-export
-
Arn:
arn:${Partition}:ec2:${Region}:${Account}:capacity-manager-data-export/${CapacityManagerDataExportId}
-
Conditions:
aws:RequestTag/${TagKey}
aws:ResourceTag/${TagKey}
aws:TagKeys
ec2:Attribute
ec2:Attribute/${AttributeName}
ec2:Region
ec2:ResourceTag/${TagKey}
Conditions
-
ec2:VpceMultiRegion
-
Description:
Filters access by multi region of the VPC endpoint service
-
Type:
String
-
ec2:VpceServiceRegion
-
Description:
Filters access by the region of the VPC endpoint service
-
Type:
String
-
ec2:VpceSupportedRegion
-
Description:
Filters access by the supported region of the VPC endpoint service
-
Type:
String
Deletions
Conditions
-
ec2:vpceMultiRegion
-
Description:
Filters access by multi region of the VPC endpoint service
-
Type:
String
-
ec2:vpceServiceRegion
-
Description:
Filters access by the region of the VPC endpoint service
-
Type:
String
-
ec2:vpceSupportedRegion
-
Description:
Filters access by the supported region of the VPC endpoint service
-
Type:
String