Change log of AWS IAM permissions

2026-06-23

28 new actions, 2 new resources | 1 updated action

Additions

Actions

ConnectMicrovm
- Description: Grants permission to connect to a Lambda MicroVM via HTTP (VPC Endpoint only)
- Access: Write
CreateMicrovmAuthToken
- Description: Grants permission to create an auth token for an AWS Lambda MicroVM
- Access: Write
- Resources:
  Name: microvmImage
  
  Required: Yes
CreateMicrovmImage
- Description: Grants permission to create an AWS Lambda MicroVM image
- Access: Write
- Conditions:
  aws:RequestTag/${TagKey}
  
  aws:TagKeys
- Dependents:
  iam:PassRole
  
  lambda:PassNetworkConnector
CreateMicrovmShellAuthToken
- Description: Grants permission to create a shell auth token for an AWS Lambda MicroVM
- Access: Write
- Resources:
  Name: microvmImage
  
  Required: Yes
CreateNetworkConnector
- Description: Grants permission to create an AWS Lambda network connector
- Access: Write
- Resources:
  Name: networkConnector
  
  Required: Yes
- Conditions:
  aws:RequestTag/${TagKey}
  
  aws:TagKeys
  
  lambda:SecurityGroupIds
  
  lambda:SubnetIds
- Dependents:
  iam:CreateServiceLinkedRole
  
  iam:PassRole
DeleteMicrovmImage
- Description: Grants permission to delete an AWS Lambda MicroVM image
- Access: Write
- Resources:
  Name: microvmImage
  
  Required: Yes
DeleteMicrovmImageVersion
- Description: Grants permission to delete a version of an AWS Lambda MicroVM image
- Access: Write
- Resources:
  Name: microvmImage
  
  Required: Yes
DeleteNetworkConnector
- Description: Grants permission to delete an AWS Lambda network connector
- Access: Write
- Resources:
  Name: networkConnector
  
  Required: Yes
GetMicrovm
- Description: Grants permission to view information about an AWS Lambda MicroVM
- Access: Read
- Resources:
  Name: microvmImage
  
  Required: Yes
GetMicrovmImage
- Description: Grants permission to view information about an AWS Lambda MicroVM image
- Access: Read
- Resources:
  Name: microvmImage
  
  Required: Yes
GetMicrovmImageBuild
- Description: Grants permission to view information about a build of an AWS Lambda MicroVM image version
- Access: Read
- Resources:
  Name: microvmImage
  
  Required: Yes
GetMicrovmImageVersion
- Description: Grants permission to view information about a version of an AWS Lambda MicroVM image
- Access: Read
- Resources:
  Name: microvmImage
  
  Required: Yes
GetNetworkConnector
- Description: Grants permission to view details about an AWS Lambda network connector
- Access: Read
- Resources:
  Name: networkConnector
  
  Required: Yes
ListManagedMicrovmImageVersions
- Description: Grants permission to retrieve a list of versions for a managed AWS Lambda MicroVM image
- Access: List
- Resources:
  Name: microvmImage
  
  Required: Yes
ListManagedMicrovmImages
- Description: Grants permission to retrieve a list of managed AWS Lambda MicroVM images
- Access: List
ListMicrovmImageBuilds
- Description: Grants permission to retrieve a list of builds for an AWS Lambda MicroVM image version
- Access: List
- Resources:
  Name: microvmImage
  
  Required: Yes
ListMicrovmImageVersions
- Description: Grants permission to retrieve a list of versions for an AWS Lambda MicroVM image
- Access: List
- Resources:
  Name: microvmImage
  
  Required: Yes
ListMicrovmImages
- Description: Grants permission to retrieve a list of AWS Lambda MicroVM images
- Access: List
ListMicrovms
- Description: Grants permission to retrieve a list of AWS Lambda MicroVMs
- Access: List
ListNetworkConnectors
- Description: Grants permission to retrieve a list of AWS Lambda network connectors
- Access: List
PassNetworkConnector
- Description: Grants permission to pass an AWS Lambda network connector to a service
- Access: Write
ResumeMicrovm
- Description: Grants permission to resume a suspended AWS Lambda MicroVM
- Access: Write
- Resources:
  Name: microvmImage
  
  Required: Yes
RunMicrovm
- Description: Grants permission to run an AWS Lambda MicroVM from a MicroVM image
- Access: Write
- Resources:
  Name: microvmImage
  
  Required: Yes
- Dependents:
  iam:PassRole
  
  lambda:PassNetworkConnector
SuspendMicrovm
- Description: Grants permission to suspend an AWS Lambda MicroVM
- Access: Write
- Resources:
  Name: microvmImage
  
  Required: Yes
TerminateMicrovm
- Description: Grants permission to terminate an AWS Lambda MicroVM
- Access: Write
- Resources:
  Name: microvmImage
  
  Required: Yes
UpdateMicrovmImage
- Description: Grants permission to update an AWS Lambda MicroVM image
- Access: Write
- Resources:
  Name: microvmImage
  
  Required: Yes
- Dependents:
  iam:PassRole
  
  lambda:PassNetworkConnector
UpdateMicrovmImageVersion
- Description: Grants permission to update a version of an AWS Lambda MicroVM image
- Access: Write
- Resources:
  Name: microvmImage
  
  Required: Yes
UpdateNetworkConnector
- Description: Grants permission to update an AWS Lambda network connector
- Access: Write
- Resources:
  Name: networkConnector
  
  Required: Yes

Resources

networkConnector
- Arn: arn:${Partition}:lambda:${Region}:${Account}:network-connector:${NetworkConnectorId}
- Conditions:
  aws:ResourceTag/${TagKey}
microvmImage
- Arn: arn:${Partition}:lambda:${Region}:${Account}:microvm-image:${MicrovmImageName}
- Conditions:
  aws:ResourceTag/${TagKey}

Updates

Actions

UpdateAlias
- ＋ microvmImage
- ＋ networkConnector

AWS Lambda (lambda)

Additions

Updates