ec2:*AWS Amazon EC2 IAM Actions
780 IAM actions for ec2:*
Actions
780 actions available. Filter by access level or search by name.
Filter:
| Action | Access Level |
|---|---|
ec2:AcceptAddressTransfer | Write |
ec2:AcceptCapacityReservationBillingOwnership | Write |
ec2:AcceptReservedInstancesExchangeQuote | Write |
ec2:AcceptTransitGatewayMulticastDomainAssociations | Write |
ec2:AcceptTransitGatewayPeeringAttachment | Write |
ec2:AcceptTransitGatewayVpcAttachment | Write |
ec2:AcceptVpcEndpointConnections | Write |
ec2:AcceptVpcPeeringConnection | Write |
ec2:AdvertiseByoipCidr | Read |
ec2:AllocateAddress | Write |
ec2:AllocateHosts | Write |
ec2:AllocateIpamPoolCidr | Write |
ec2:ApplySecurityGroupsToClientVpnTargetNetwork | Read |
ec2:AssignIpv6Addresses | Write |
ec2:AssignPrivateIpAddresses | Write |
ec2:AssignPrivateNatGatewayAddress | Write |
ec2:AssociateAddress | Write |
ec2:AssociateCapacityReservationBillingOwner | Write |
ec2:AssociateClientVpnTargetNetwork | Write |
ec2:AssociateDhcpOptions | Write |
ec2:AssociateEnclaveCertificateIamRole | Permissions |
ec2:AssociateIamInstanceProfile | Write |
ec2:AssociateInstanceEventWindow | Write |
ec2:AssociateIpamByoasn | Write |
ec2:AssociateIpamResourceDiscovery | Write |
ec2:AssociateNatGatewayAddress | Write |
ec2:AssociateRouteServer | Write |
ec2:AssociateRouteTable | Write |
ec2:AssociateSecurityGroupVpc | Write |
ec2:AssociateSubnetCidrBlock | Write |
ec2:AssociateTransitGatewayMulticastDomain | Write |
ec2:AssociateTransitGatewayPolicyTable | Permissions |
ec2:AssociateTransitGatewayRouteTable | Write |
ec2:AssociateTrunkInterface | Write |
ec2:AssociateVerifiedAccessInstanceWebAcl | Write |
ec2:AssociateVpcCidrBlock | Write |
ec2:AttachApplianceToNatGateway | Write |
ec2:AttachClassicLinkVpc | Write |
ec2:AttachInternetGateway | Write |
ec2:AttachNetworkInterface | Write |
ec2:AttachResourcesToPlacementGroup | Write |
ec2:AttachVerifiedAccessTrustProvider | Write |
ec2:AttachVolume | Write |
ec2:AttachVpnGateway | Write |
ec2:AuthorizeClientVpnIngress | Read |
ec2:AuthorizeSecurityGroupEgress | Read |
ec2:AuthorizeSecurityGroupIngress | Read |
ec2:BundleInstance | Read |
ec2:CancelBundleTask | Write |
ec2:CancelCapacityReservation | Write |
ec2:CancelCapacityReservationFleets | Write |
ec2:CancelConversionTask | Write |
ec2:CancelDeclarativePoliciesReport | Write |
ec2:CancelExportTask | Write |
ec2:CancelImageLaunchPermission | Permissions |
ec2:CancelImportTask | Write |
ec2:CancelReservedInstancesListing | Write |
ec2:CancelSpotFleetRequests | Write |
ec2:CancelSpotInstanceRequests | Write |
ec2:ConfirmProductInstance | Read |
ec2:CopyFpgaImage | Write |
ec2:CopyImage | Write |
ec2:CopySnapshot | Write |
ec2:CopyVolumes | Write |
ec2:CreateCapacityManagerDataExport | Write |
ec2:CreateCapacityReservation | Write |
ec2:CreateCapacityReservationBySplitting | Write |
ec2:CreateCapacityReservationFleet | Write |
ec2:CreateCarrierGateway | Write |
ec2:CreateClientVpnEndpoint | Write |
ec2:CreateClientVpnRoute | Write |
ec2:CreateCoipCidr | Write |
ec2:CreateCoipPool | Write |
ec2:CreateCoipPoolPermission | Permissions |
ec2:CreateCustomerGateway | Write |
ec2:CreateDefaultSubnet | Write |
ec2:CreateDefaultVpc | Write |
ec2:CreateDelegateMacVolumeOwnershipTask | Write |
ec2:CreateDhcpOptions | Write |
ec2:CreateEgressOnlyInternetGateway | Write |
ec2:CreateFleet | Write |
ec2:CreateFlowLogs | Write |
ec2:CreateFpgaImage | Write |
ec2:CreateImage | Write |
ec2:CreateImageUsageReport | Write |
ec2:CreateInstanceConnectEndpoint | Write |
ec2:CreateInstanceEventWindow | Write |
ec2:CreateInstanceExportTask | Write |
ec2:CreateInternetGateway | Write |
ec2:CreateInterruptibleCapacityReservationAllocation | Write |
ec2:CreateIpam | Write |
ec2:CreateIpamExternalResourceVerificationToken | Write |
ec2:CreateIpamPolicy | Permissions |
ec2:CreateIpamPool | Write |
ec2:CreateIpamPrefixListResolver | Write |
ec2:CreateIpamPrefixListResolverTarget | Write |
ec2:CreateIpamResourceDiscovery | Write |
ec2:CreateIpamScope | Write |
ec2:CreateKeyPair | Write |
ec2:CreateLaunchTemplate | Write |
ec2:CreateLaunchTemplateVersion | Write |
ec2:CreateLocalGatewayRoute | Write |
ec2:CreateLocalGatewayRouteTable | Write |
ec2:CreateLocalGatewayRouteTablePermission | Permissions |
ec2:CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation | Write |
ec2:CreateLocalGatewayRouteTableVpcAssociation | Write |
ec2:CreateLocalGatewayVirtualInterface | Write |
ec2:CreateLocalGatewayVirtualInterfaceGroup | Write |
ec2:CreateMacSystemIntegrityProtectionModificationTask | Write |
ec2:CreateManagedPrefixList | Write |
ec2:CreateNatGateway | Write |
ec2:CreateNetworkAcl | Write |
ec2:CreateNetworkAclEntry | Write |
ec2:CreateNetworkInsightsAccessScope | Write |
ec2:CreateNetworkInsightsPath | Write |
ec2:CreateNetworkInterface | Write |
ec2:CreateNetworkInterfacePermission | Permissions |
ec2:CreateOdbNetworkPeering | Write |
ec2:CreatePlacementGroup | Write |
ec2:CreatePublicIpv4Pool | Write |
ec2:CreateReplaceRootVolumeTask | Write |
ec2:CreateReservedInstancesListing | Write |
ec2:CreateRestoreImageTask | Write |
ec2:CreateRoute | Write |
ec2:CreateRouteServer | Write |
ec2:CreateRouteServerEndpoint | Write |
ec2:CreateRouteServerPeer | Write |
ec2:CreateRouteTable | Write |
ec2:CreateSecondaryNetwork | Write |
ec2:CreateSecondarySubnet | Write |
ec2:CreateSecurityGroup | Write |
ec2:CreateSnapshot | Write |
ec2:CreateSnapshots | Write |
ec2:CreateSpotDatafeedSubscription | Write |
ec2:CreateStoreImageTask | Write |
ec2:CreateSubnet | Write |
ec2:CreateSubnetCidrReservation | Write |
ec2:CreateTags | Tagging |
ec2:CreateTrafficMirrorFilter | Write |
ec2:CreateTrafficMirrorFilterRule | Write |
ec2:CreateTrafficMirrorSession | Write |
ec2:CreateTrafficMirrorTarget | Write |
ec2:CreateTransitGateway | Write |
ec2:CreateTransitGatewayConnect | Write |
ec2:CreateTransitGatewayConnectPeer | Write |
ec2:CreateTransitGatewayMeteringPolicy | Permissions |
ec2:CreateTransitGatewayMeteringPolicyEntry | Permissions |
ec2:CreateTransitGatewayMulticastDomain | Write |
ec2:CreateTransitGatewayPeeringAttachment | Write |
ec2:CreateTransitGatewayPolicyTable | Permissions |
ec2:CreateTransitGatewayPrefixListReference | Write |
ec2:CreateTransitGatewayRoute | Write |
ec2:CreateTransitGatewayRouteTable | Write |
ec2:CreateTransitGatewayRouteTableAnnouncement | Write |
ec2:CreateTransitGatewayVpcAttachment | Write |
ec2:CreateVerifiedAccessEndpoint | Write |
ec2:CreateVerifiedAccessGroup | Write |
ec2:CreateVerifiedAccessInstance | Write |
ec2:CreateVerifiedAccessTrustProvider | Write |
ec2:CreateVolume | Write |
ec2:CreateVpc | Write |
ec2:CreateVpcBlockPublicAccessExclusion | Write |
ec2:CreateVpcEncryptionControl | Write |
ec2:CreateVpcEndpoint | Write |
ec2:CreateVpcEndpointConnectionNotification | Write |
ec2:CreateVpcEndpointServiceConfiguration | Write |
ec2:CreateVpcPeeringConnection | Write |
ec2:CreateVpnConcentrator | Write |
ec2:CreateVpnConnection | Write |
ec2:CreateVpnConnectionRoute | Write |
ec2:CreateVpnGateway | Write |
ec2:DeleteCapacityManagerDataExport | Write |
ec2:DeleteCarrierGateway | Write |
ec2:DeleteClientVpnEndpoint | Write |
ec2:DeleteClientVpnRoute | Write |
ec2:DeleteCoipCidr | Write |
ec2:DeleteCoipPool | Write |
ec2:DeleteCoipPoolPermission | Permissions |
ec2:DeleteCustomerGateway | Write |
ec2:DeleteDhcpOptions | Write |
ec2:DeleteEgressOnlyInternetGateway | Write |
ec2:DeleteFleets | Write |
ec2:DeleteFlowLogs | Write |
ec2:DeleteFpgaImage | Write |
ec2:DeleteImageUsageReport | Write |
ec2:DeleteInstanceConnectEndpoint | Write |
ec2:DeleteInstanceEventWindow | Write |
ec2:DeleteInternetGateway | Write |
ec2:DeleteIpam | Write |
ec2:DeleteIpamExternalResourceVerificationToken | Write |
ec2:DeleteIpamPolicy | Permissions |
ec2:DeleteIpamPool | Write |
ec2:DeleteIpamPrefixListResolver | Write |
ec2:DeleteIpamPrefixListResolverTarget | Write |
ec2:DeleteIpamResourceDiscovery | Write |
ec2:DeleteIpamScope | Write |
ec2:DeleteKeyPair | Write |
ec2:DeleteLaunchTemplate | Write |
ec2:DeleteLaunchTemplateVersions | Write |
ec2:DeleteLocalGatewayRoute | Write |
ec2:DeleteLocalGatewayRouteTable | Write |
ec2:DeleteLocalGatewayRouteTablePermission | Permissions |
ec2:DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation | Write |
ec2:DeleteLocalGatewayRouteTableVpcAssociation | Write |
ec2:DeleteLocalGatewayVirtualInterface | Write |
ec2:DeleteLocalGatewayVirtualInterfaceGroup | Write |
ec2:DeleteManagedPrefixList | Write |
ec2:DeleteNatGateway | Write |
ec2:DeleteNetworkAcl | Write |
ec2:DeleteNetworkAclEntry | Write |
ec2:DeleteNetworkInsightsAccessScope | Write |
ec2:DeleteNetworkInsightsAccessScopeAnalysis | Write |
ec2:DeleteNetworkInsightsAnalysis | Write |
ec2:DeleteNetworkInsightsPath | Write |
ec2:DeleteNetworkInterface | Write |
ec2:DeleteNetworkInterfacePermission | Permissions |
ec2:DeleteOdbNetworkPeering | Write |
ec2:DeletePlacementGroup | Write |
ec2:DeletePublicIpv4Pool | Write |
ec2:DeleteQueuedReservedInstances | Write |
ec2:DeleteResourcePolicy | Permissions |
ec2:DeleteRoute | Write |
ec2:DeleteRouteServer | Write |
ec2:DeleteRouteServerEndpoint | Write |
ec2:DeleteRouteServerPeer | Write |
ec2:DeleteRouteTable | Write |
ec2:DeleteSecondaryNetwork | Write |
ec2:DeleteSecondarySubnet | Write |
ec2:DeleteSecurityGroup | Write |
ec2:DeleteSnapshot | Write |
ec2:DeleteSpotDatafeedSubscription | Write |
ec2:DeleteSubnet | Write |
ec2:DeleteSubnetCidrReservation | Write |
ec2:DeleteTags | Tagging |
ec2:DeleteTrafficMirrorFilter | Write |
ec2:DeleteTrafficMirrorFilterRule | Write |
ec2:DeleteTrafficMirrorSession | Write |
ec2:DeleteTrafficMirrorTarget | Write |
ec2:DeleteTransitGateway | Write |
ec2:DeleteTransitGatewayConnect | Write |
ec2:DeleteTransitGatewayConnectPeer | Write |
ec2:DeleteTransitGatewayMeteringPolicy | Permissions |
ec2:DeleteTransitGatewayMeteringPolicyEntry | Permissions |
ec2:DeleteTransitGatewayMulticastDomain | Write |
ec2:DeleteTransitGatewayPeeringAttachment | Write |
ec2:DeleteTransitGatewayPolicyTable | Permissions |
ec2:DeleteTransitGatewayPrefixListReference | Write |
ec2:DeleteTransitGatewayRoute | Write |
ec2:DeleteTransitGatewayRouteTable | Write |
ec2:DeleteTransitGatewayRouteTableAnnouncement | Write |
ec2:DeleteTransitGatewayVpcAttachment | Write |
ec2:DeleteVerifiedAccessEndpoint | Write |
ec2:DeleteVerifiedAccessGroup | Write |
ec2:DeleteVerifiedAccessInstance | Write |
ec2:DeleteVerifiedAccessTrustProvider | Write |
ec2:DeleteVolume | Write |
ec2:DeleteVpc | Write |
ec2:DeleteVpcBlockPublicAccessExclusion | Write |
ec2:DeleteVpcEncryptionControl | Write |
ec2:DeleteVpcEndpointConnectionNotifications | Write |
ec2:DeleteVpcEndpoints | Write |
ec2:DeleteVpcEndpointServiceConfigurations | Write |
ec2:DeleteVpcPeeringConnection | Write |
ec2:DeleteVpnConcentrator | Write |
ec2:DeleteVpnConnection | Write |
ec2:DeleteVpnConnectionRoute | Write |
ec2:DeleteVpnGateway | Write |
ec2:DeprovisionByoipCidr | Read |
ec2:DeprovisionIpamByoasn | Read |
ec2:DeprovisionIpamPoolCidr | Read |
ec2:DeprovisionPublicIpv4PoolCidr | Read |
ec2:DeregisterImage | Write |
ec2:DeregisterInstanceEventNotificationAttributes | Write |
ec2:DeregisterTransitGatewayMulticastGroupMembers | Write |
ec2:DeregisterTransitGatewayMulticastGroupSources | Write |
ec2:DescribeAccountAttributes | Read |
ec2:DescribeAddresses | Read |
ec2:DescribeAddressesAttribute | Read |
ec2:DescribeAddressTransfers | Read |
ec2:DescribeAggregateIdFormat | Read |
ec2:DescribeAvailabilityZones | Read |
ec2:DescribeAwsNetworkPerformanceMetricSubscriptions | Read |
ec2:DescribeBundleTasks | Read |
ec2:DescribeByoipCidrs | Read |
ec2:DescribeCapacityBlockExtensionHistory | Read |
ec2:DescribeCapacityBlockExtensionOfferings | Read |
ec2:DescribeCapacityBlockOfferings | Read |
ec2:DescribeCapacityBlocks | Read |
ec2:DescribeCapacityBlockStatus | Read |
ec2:DescribeCapacityManagerDataExports | Read |
ec2:DescribeCapacityReservationBillingRequests | Read |
ec2:DescribeCapacityReservationFleets | Read |
ec2:DescribeCapacityReservations | Read |
ec2:DescribeCapacityReservationTopology | Read |
ec2:DescribeCarrierGateways | Read |
ec2:DescribeClassicLinkInstances | Read |
ec2:DescribeClientVpnAuthorizationRules | Read |
ec2:DescribeClientVpnConnections | Read |
ec2:DescribeClientVpnEndpoints | Read |
ec2:DescribeClientVpnRoutes | Read |
ec2:DescribeClientVpnTargetNetworks | Read |
ec2:DescribeCoipPools | Read |
ec2:DescribeConversionTasks | Read |
ec2:DescribeCustomerGateways | Read |
ec2:DescribeDeclarativePoliciesReports | Read |
ec2:DescribeDhcpOptions | Read |
ec2:DescribeEgressOnlyInternetGateways | Read |
ec2:DescribeElasticGpus | Read |
ec2:DescribeExportImageTasks | Read |
ec2:DescribeExportTasks | Read |
ec2:DescribeFastLaunchImages | Read |
ec2:DescribeFastSnapshotRestores | Read |
ec2:DescribeFleetHistory | Read |
ec2:DescribeFleetInstances | Read |
ec2:DescribeFleets | Read |
ec2:DescribeFlowLogs | Read |
ec2:DescribeFpgaImageAttribute | Read |
ec2:DescribeFpgaImages | Read |
ec2:DescribeHostReservationOfferings | Read |
ec2:DescribeHostReservations | Read |
ec2:DescribeHosts | Read |
ec2:DescribeIamInstanceProfileAssociations | Read |
ec2:DescribeIdentityIdFormat | Read |
ec2:DescribeIdFormat | Read |
ec2:DescribeImageAttribute | Read |
ec2:DescribeImageReferences | Read |
ec2:DescribeImages | Read |
ec2:DescribeImageUsageReportEntries | Read |
ec2:DescribeImageUsageReports | Read |
ec2:DescribeImportImageTasks | Read |
ec2:DescribeImportSnapshotTasks | Read |
ec2:DescribeInstanceAttribute | Read |
ec2:DescribeInstanceConnectEndpoints | Read |
ec2:DescribeInstanceCreditSpecifications | Read |
ec2:DescribeInstanceEventNotificationAttributes | Read |
ec2:DescribeInstanceEventWindows | Read |
ec2:DescribeInstanceImageMetadata | Read |
ec2:DescribeInstances | Read |
ec2:DescribeInstanceSqlHaHistoryStates | Read |
ec2:DescribeInstanceSqlHaStates | Read |
ec2:DescribeInstanceStatus | Read |
ec2:DescribeInstanceTopology | Read |
ec2:DescribeInstanceTypeOfferings | Read |
ec2:DescribeInstanceTypes | Read |
ec2:DescribeInternetGateways | Read |
ec2:DescribeIpamByoasn | Read |
ec2:DescribeIpamExternalResourceVerificationTokens | Read |
ec2:DescribeIpamPolicies | Read |
ec2:DescribeIpamPools | Read |
ec2:DescribeIpamPrefixListResolvers | Read |
ec2:DescribeIpamPrefixListResolverTargets | Read |
ec2:DescribeIpamResourceDiscoveries | Read |
ec2:DescribeIpamResourceDiscoveryAssociations | Read |
ec2:DescribeIpams | Read |
ec2:DescribeIpamScopes | Read |
ec2:DescribeIpv6Pools | Read |
ec2:DescribeKeyPairs | Read |
ec2:DescribeLaunchTemplates | Read |
ec2:DescribeLaunchTemplateVersions | Read |
ec2:DescribeLocalGatewayRouteTablePermissions | Permissions |
ec2:DescribeLocalGatewayRouteTables | Read |
ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations | Read |
ec2:DescribeLocalGatewayRouteTableVpcAssociations | Read |
ec2:DescribeLocalGateways | Read |
ec2:DescribeLocalGatewayVirtualInterfaceGroups | Read |
ec2:DescribeLocalGatewayVirtualInterfaces | Read |
ec2:DescribeLockedSnapshots | Read |
ec2:DescribeMacHosts | Read |
ec2:DescribeMacModificationTasks | Read |
ec2:DescribeManagedPrefixLists | Read |
ec2:DescribeMovingAddresses | Read |
ec2:DescribeNatGateways | Read |
ec2:DescribeNetworkAcls | Read |
ec2:DescribeNetworkInsightsAccessScopeAnalyses | Read |
ec2:DescribeNetworkInsightsAccessScopes | Read |
ec2:DescribeNetworkInsightsAnalyses | Read |
ec2:DescribeNetworkInsightsPaths | Read |
ec2:DescribeNetworkInterfaceAttribute | Read |
ec2:DescribeNetworkInterfacePermissions | Permissions |
ec2:DescribeNetworkInterfaces | Read |
ec2:DescribeOutpostLags | Read |
ec2:DescribePlacementGroups | Read |
ec2:DescribePrefixLists | Read |
ec2:DescribePrincipalIdFormat | Read |
ec2:DescribePublicIpv4Pools | Read |
ec2:DescribeRegions | Read |
ec2:DescribeReplaceRootVolumeTasks | Read |
ec2:DescribeReservedInstances | Read |
ec2:DescribeReservedInstancesListings | Read |
ec2:DescribeReservedInstancesModifications | Read |
ec2:DescribeReservedInstancesOfferings | Read |
ec2:DescribeRouteServerEndpoints | Read |
ec2:DescribeRouteServerPeers | Read |
ec2:DescribeRouteServers | Read |
ec2:DescribeRouteTables | Read |
ec2:DescribeScheduledInstanceAvailability | Read |
ec2:DescribeScheduledInstances | Read |
ec2:DescribeSecondaryInterfaces | Read |
ec2:DescribeSecondaryNetworks | Read |
ec2:DescribeSecondarySubnets | Read |
ec2:DescribeSecurityGroupReferences | Read |
ec2:DescribeSecurityGroupRules | Read |
ec2:DescribeSecurityGroups | Read |
ec2:DescribeSecurityGroupVpcAssociations | Read |
ec2:DescribeServiceLinkVirtualInterfaces | Read |
ec2:DescribeSnapshotAttribute | Read |
ec2:DescribeSnapshots | Read |
ec2:DescribeSnapshotTierStatus | Read |
ec2:DescribeSpotDatafeedSubscription | Read |
ec2:DescribeSpotFleetInstances | Read |
ec2:DescribeSpotFleetRequestHistory | Read |
ec2:DescribeSpotFleetRequests | Read |
ec2:DescribeSpotInstanceRequests | Read |
ec2:DescribeSpotPriceHistory | Read |
ec2:DescribeStaleSecurityGroups | Read |
ec2:DescribeStoreImageTasks | Read |
ec2:DescribeSubnets | Read |
ec2:DescribeTags | Tagging |
ec2:DescribeTrafficMirrorFilterRules | Read |
ec2:DescribeTrafficMirrorFilters | Read |
ec2:DescribeTrafficMirrorSessions | Read |
ec2:DescribeTrafficMirrorTargets | Read |
ec2:DescribeTransitGatewayAttachments | Read |
ec2:DescribeTransitGatewayConnectPeers | Read |
ec2:DescribeTransitGatewayConnects | Read |
ec2:DescribeTransitGatewayMeteringPolicies | Read |
ec2:DescribeTransitGatewayMulticastDomains | Read |
ec2:DescribeTransitGatewayPeeringAttachments | Read |
ec2:DescribeTransitGatewayPolicyTables | Permissions |
ec2:DescribeTransitGatewayRouteTableAnnouncements | Read |
ec2:DescribeTransitGatewayRouteTables | Read |
ec2:DescribeTransitGateways | Read |
ec2:DescribeTransitGatewayVpcAttachments | Read |
ec2:DescribeTrunkInterfaceAssociations | Read |
ec2:DescribeVerifiedAccessEndpoints | Read |
ec2:DescribeVerifiedAccessGroups | Read |
ec2:DescribeVerifiedAccessInstanceLoggingConfigurations | Read |
ec2:DescribeVerifiedAccessInstances | Read |
ec2:DescribeVerifiedAccessInstanceWebAclAssociations | Read |
ec2:DescribeVerifiedAccessTrustProviders | Read |
ec2:DescribeVolumeAttribute | Read |
ec2:DescribeVolumes | Read |
ec2:DescribeVolumesModifications | Read |
ec2:DescribeVolumeStatus | Read |
ec2:DescribeVpcAttribute | Read |
ec2:DescribeVpcBlockPublicAccessExclusions | Read |
ec2:DescribeVpcBlockPublicAccessOptions | Read |
ec2:DescribeVpcClassicLink | Read |
ec2:DescribeVpcClassicLinkDnsSupport | Read |
ec2:DescribeVpcEncryptionControls | Read |
ec2:DescribeVpcEndpointAssociations | Read |
ec2:DescribeVpcEndpointConnectionNotifications | Read |
ec2:DescribeVpcEndpointConnections | Read |
ec2:DescribeVpcEndpoints | Read |
ec2:DescribeVpcEndpointServiceConfigurations | Read |
ec2:DescribeVpcEndpointServicePermissions | Permissions |
ec2:DescribeVpcEndpointServices | Read |
ec2:DescribeVpcPeeringConnections | Read |
ec2:DescribeVpcs | Read |
ec2:DescribeVpnConcentrators | Read |
ec2:DescribeVpnConnections | Read |
ec2:DescribeVpnGateways | Read |
ec2:DetachApplianceFromNatGateway | Write |
ec2:DetachClassicLinkVpc | Write |
ec2:DetachInternetGateway | Write |
ec2:DetachNetworkInterface | Write |
ec2:DetachResourcesFromPlacementGroup | Write |
ec2:DetachVerifiedAccessTrustProvider | Write |
ec2:DetachVolume | Write |
ec2:DetachVpnGateway | Write |
ec2:DisableAddressTransfer | Write |
ec2:DisableAllowedImagesSettings | Write |
ec2:DisableAwsNetworkPerformanceMetricSubscription | Write |
ec2:DisableCapacityManager | Write |
ec2:DisableEbsEncryptionByDefault | Write |
ec2:DisableFastLaunch | Write |
ec2:DisableFastSnapshotRestores | Write |
ec2:DisableImage | Write |
ec2:DisableImageBlockPublicAccess | Write |
ec2:DisableImageDeprecation | Write |
ec2:DisableImageDeregistrationProtection | Write |
ec2:DisableInstanceSqlHaStandbyDetections | Write |
ec2:DisableIpamOrganizationAdminAccount | Write |
ec2:DisableIpamPolicy | Permissions |
ec2:DisableRouteServerPropagation | Write |
ec2:DisableSerialConsoleAccess | Write |
ec2:DisableSnapshotBlockPublicAccess | Write |
ec2:DisableTransitGatewayRouteTablePropagation | Write |
ec2:DisableVgwRoutePropagation | Write |
ec2:DisableVpcClassicLink | Write |
ec2:DisableVpcClassicLinkDnsSupport | Write |
ec2:DisassociateAddress | Write |
ec2:DisassociateCapacityReservationBillingOwner | Write |
ec2:DisassociateClientVpnTargetNetwork | Write |
ec2:DisassociateEnclaveCertificateIamRole | Permissions |
ec2:DisassociateIamInstanceProfile | Write |
ec2:DisassociateInstanceEventWindow | Write |
ec2:DisassociateIpamByoasn | Write |
ec2:DisassociateIpamResourceDiscovery | Write |
ec2:DisassociateNatGatewayAddress | Write |
ec2:DisassociateRouteServer | Write |
ec2:DisassociateRouteTable | Write |
ec2:DisassociateSecurityGroupVpc | Write |
ec2:DisassociateSubnetCidrBlock | Write |
ec2:DisassociateTransitGatewayMulticastDomain | Write |
ec2:DisassociateTransitGatewayPolicyTable | Permissions |
ec2:DisassociateTransitGatewayRouteTable | Write |
ec2:DisassociateTrunkInterface | Write |
ec2:DisassociateVerifiedAccessInstanceWebAcl | Write |
ec2:DisassociateVpcCidrBlock | Write |
ec2:EnableAddressTransfer | Write |
ec2:EnableAllowedImagesSettings | Write |
ec2:EnableAwsNetworkPerformanceMetricSubscription | Write |
ec2:EnableCapacityManager | Write |
ec2:EnableEbsEncryptionByDefault | Write |
ec2:EnableFastLaunch | Write |
ec2:EnableFastSnapshotRestores | Write |
ec2:EnableImage | Write |
ec2:EnableImageBlockPublicAccess | Write |
ec2:EnableImageDeprecation | Write |
ec2:EnableImageDeregistrationProtection | Write |
ec2:EnableInstanceSqlHaStandbyDetections | Write |
ec2:EnableIpamOrganizationAdminAccount | Write |
ec2:EnableIpamPolicy | Permissions |
ec2:EnableReachabilityAnalyzerOrganizationSharing | Write |
ec2:EnableRouteServerPropagation | Write |
ec2:EnableSerialConsoleAccess | Write |
ec2:EnableSnapshotBlockPublicAccess | Write |
ec2:EnableTransitGatewayRouteTablePropagation | Write |
ec2:EnableVgwRoutePropagation | Write |
ec2:EnableVolumeIO | Write |
ec2:EnableVpcClassicLink | Write |
ec2:EnableVpcClassicLinkDnsSupport | Write |
ec2:ExportClientVpnClientCertificateRevocationList | Write |
ec2:ExportClientVpnClientConfiguration | Write |
ec2:ExportImage | Write |
ec2:ExportTransitGatewayRoutes | Write |
ec2:ExportVerifiedAccessInstanceClientConfiguration | Write |
ec2:GetActiveVpnTunnelStatus | Read |
ec2:GetAllowedImagesSettings | Read |
ec2:GetAssociatedEnclaveCertificateIamRoles | Permissions |
ec2:GetAssociatedIpv6PoolCidrs | Read |
ec2:GetAwsNetworkPerformanceData | Read |
ec2:GetCapacityManagerAttributes | Read |
ec2:GetCapacityManagerMetricData | Read |
ec2:GetCapacityManagerMetricDimensions | Read |
ec2:GetCapacityReservationUsage | Read |
ec2:GetCoipPoolUsage | Read |
ec2:GetConsoleOutput | Read |
ec2:GetConsoleScreenshot | Read |
ec2:GetDeclarativePoliciesReportSummary | Read |
ec2:GetDefaultCreditSpecification | Read |
ec2:GetEbsDefaultKmsKeyId | Read |
ec2:GetEbsEncryptionByDefault | Read |
ec2:GetEnabledIpamPolicy | Permissions |
ec2:GetFlowLogsIntegrationTemplate | Read |
ec2:GetGroupsForCapacityReservation | Read |
ec2:GetHostReservationPurchasePreview | Read |
ec2:GetImageAncestry | Read |
ec2:GetImageBlockPublicAccessState | Read |
ec2:GetInstanceMetadataDefaults | Read |
ec2:GetInstanceTpmEkPub | Read |
ec2:GetInstanceTypesFromInstanceRequirements | Read |
ec2:GetInstanceUefiData | Read |
ec2:GetIpamAddressHistory | Read |
ec2:GetIpamDiscoveredAccounts | Read |
ec2:GetIpamDiscoveredPublicAddresses | Read |
ec2:GetIpamDiscoveredResourceCidrs | Read |
ec2:GetIpamPolicyAllocationRules | Permissions |
ec2:GetIpamPolicyOrganizationTargets | Permissions |
ec2:GetIpamPoolAllocations | Read |
ec2:GetIpamPoolCidrs | Read |
ec2:GetIpamPrefixListResolverRules | Read |
ec2:GetIpamPrefixListResolverVersionEntries | Read |
ec2:GetIpamPrefixListResolverVersions | Read |
ec2:GetIpamResourceCidrs | Read |
ec2:GetLaunchTemplateData | Read |
ec2:GetManagedPrefixListAssociations | Read |
ec2:GetManagedPrefixListEntries | Read |
ec2:GetNetworkInsightsAccessScopeAnalysisFindings | Read |
ec2:GetNetworkInsightsAccessScopeContent | Read |
ec2:GetPasswordData | Read |
ec2:GetReservedInstancesExchangeQuote | Read |
ec2:GetResourcePolicy | Permissions |
ec2:GetRouteServerAssociations | Read |
ec2:GetRouteServerPropagations | Read |
ec2:GetRouteServerRoutingDatabase | Read |
ec2:GetSecurityGroupsForVpc | Read |
ec2:GetSerialConsoleAccessStatus | Read |
ec2:GetSnapshotBlockPublicAccessState | Read |
ec2:GetSpotPlacementScores | Read |
ec2:GetSubnetCidrReservations | Read |
ec2:GetTransitGatewayAttachmentPropagations | Read |
ec2:GetTransitGatewayMeteringPolicyEntries | Permissions |
ec2:GetTransitGatewayMulticastDomainAssociations | Read |
ec2:GetTransitGatewayPolicyTableAssociations | Permissions |
ec2:GetTransitGatewayPolicyTableEntries | Permissions |
ec2:GetTransitGatewayPrefixListReferences | Read |
ec2:GetTransitGatewayRouteTableAssociations | Read |
ec2:GetTransitGatewayRouteTablePropagations | Read |
ec2:GetVerifiedAccessEndpointPolicy | Permissions |
ec2:GetVerifiedAccessEndpointTargets | Read |
ec2:GetVerifiedAccessGroupPolicy | Permissions |
ec2:GetVerifiedAccessInstanceWebAcl | Read |
ec2:GetVpcResourcesBlockingEncryptionEnforcement | Read |
ec2:GetVpnConnectionDeviceSampleConfiguration | Read |
ec2:GetVpnConnectionDeviceTypes | Read |
ec2:GetVpnTunnelReplacementStatus | Read |
ec2:ImportByoipCidrToIpam | Write |
ec2:ImportClientVpnClientCertificateRevocationList | Write |
ec2:ImportImage | Write |
ec2:ImportInstance | Write |
ec2:ImportKeyPair | Write |
ec2:ImportSnapshot | Write |
ec2:ImportVolume | Write |
ec2:InjectApiError | Read |
ec2:InjectVolumeIOLatency | Read |
ec2:ListImagesInRecycleBin | List |
ec2:ListSnapshotsInRecycleBin | List |
ec2:ListVolumesInRecycleBin | List |
ec2:LockSnapshot | Read |
ec2:ModifyAddressAttribute | Write |
ec2:ModifyAvailabilityZoneGroup | Write |
ec2:ModifyCapacityReservation | Write |
ec2:ModifyCapacityReservationFleet | Write |
ec2:ModifyClientVpnEndpoint | Write |
ec2:ModifyDefaultCreditSpecification | Write |
ec2:ModifyEbsDefaultKmsKeyId | Write |
ec2:ModifyFleet | Write |
ec2:ModifyFpgaImageAttribute | Write |
ec2:ModifyHosts | Write |
ec2:ModifyIdentityIdFormat | Write |
ec2:ModifyIdFormat | Write |
ec2:ModifyImageAttribute | Write |
ec2:ModifyInstanceAttribute | Write |
ec2:ModifyInstanceCapacityReservationAttributes | Write |
ec2:ModifyInstanceConnectEndpoint | Write |
ec2:ModifyInstanceCpuOptions | Write |
ec2:ModifyInstanceCreditSpecification | Write |
ec2:ModifyInstanceEventStartTime | Write |
ec2:ModifyInstanceEventWindow | Write |
ec2:ModifyInstanceMaintenanceOptions | Write |
ec2:ModifyInstanceMetadataDefaults | Write |
ec2:ModifyInstanceMetadataOptions | Write |
ec2:ModifyInstanceNetworkPerformanceOptions | Write |
ec2:ModifyInstancePlacement | Write |
ec2:ModifyIpam | Write |
ec2:ModifyIpamPolicyAllocationRules | Permissions |
ec2:ModifyIpamPool | Write |
ec2:ModifyIpamPrefixListResolver | Write |
ec2:ModifyIpamPrefixListResolverTarget | Write |
ec2:ModifyIpamResourceCidr | Write |
ec2:ModifyIpamResourceDiscovery | Write |
ec2:ModifyIpamScope | Write |
ec2:ModifyLaunchTemplate | Write |
ec2:ModifyLocalGatewayRoute | Write |
ec2:ModifyManagedPrefixList | Write |
ec2:ModifyNetworkInterfaceAttribute | Write |
ec2:ModifyOdbNetworkPeering | Write |
ec2:ModifyPrivateDnsNameOptions | Write |
ec2:ModifyPublicIpDnsNameOptions | Write |
ec2:ModifyReservedInstances | Write |
ec2:ModifyRouteServer | Write |
ec2:ModifySecurityGroupRules | Write |
ec2:ModifySnapshotAttribute | Write |
ec2:ModifySnapshotTier | Write |
ec2:ModifySpotFleetRequest | Write |
ec2:ModifySubnetAttribute | Write |
ec2:ModifyTrafficMirrorFilterNetworkServices | Write |
ec2:ModifyTrafficMirrorFilterRule | Write |
ec2:ModifyTrafficMirrorSession | Write |
ec2:ModifyTransitGateway | Write |
ec2:ModifyTransitGatewayMeteringPolicy | Permissions |
ec2:ModifyTransitGatewayPrefixListReference | Write |
ec2:ModifyTransitGatewayVpcAttachment | Write |
ec2:ModifyVerifiedAccessEndpoint | Write |
ec2:ModifyVerifiedAccessEndpointPolicy | Permissions |
ec2:ModifyVerifiedAccessGroup | Write |
ec2:ModifyVerifiedAccessGroupPolicy | Permissions |
ec2:ModifyVerifiedAccessInstance | Write |
ec2:ModifyVerifiedAccessInstanceLoggingConfiguration | Write |
ec2:ModifyVerifiedAccessTrustProvider | Write |
ec2:ModifyVolume | Write |
ec2:ModifyVolumeAttribute | Write |
ec2:ModifyVpcAttribute | Write |
ec2:ModifyVpcBlockPublicAccessExclusion | Write |
ec2:ModifyVpcBlockPublicAccessOptions | Write |
ec2:ModifyVpcEncryptionControl | Write |
ec2:ModifyVpcEndpoint | Write |
ec2:ModifyVpcEndpointConnectionNotification | Write |
ec2:ModifyVpcEndpointServiceConfiguration | Write |
ec2:ModifyVpcEndpointServicePayerResponsibility | Write |
ec2:ModifyVpcEndpointServicePermissions | Permissions |
ec2:ModifyVpcPeeringConnectionOptions | Write |
ec2:ModifyVpcTenancy | Write |
ec2:ModifyVpnConnection | Write |
ec2:ModifyVpnConnectionOptions | Write |
ec2:ModifyVpnTunnelCertificate | Write |
ec2:ModifyVpnTunnelOptions | Write |
ec2:MonitorInstances | Read |
ec2:MoveAddressToVpc | Read |
ec2:MoveByoipCidrToIpam | Read |
ec2:MoveCapacityReservationInstances | Read |
ec2:PauseVolumeIO | Read |
ec2:ProvisionByoipCidr | Read |
ec2:ProvisionIpamByoasn | Read |
ec2:ProvisionIpamPoolCidr | Read |
ec2:ProvisionPublicIpv4PoolCidr | Read |
ec2:PurchaseCapacityBlock | Read |
ec2:PurchaseCapacityBlockExtension | Read |
ec2:PurchaseHostReservation | Read |
ec2:PurchaseReservedInstancesOffering | Read |
ec2:PurchaseScheduledInstances | Read |
ec2:PutResourcePolicy | Permissions |
ec2:RebootInstances | Write |
ec2:RegisterImage | Write |
ec2:RegisterInstanceEventNotificationAttributes | Write |
ec2:RegisterTransitGatewayMulticastGroupMembers | Write |
ec2:RegisterTransitGatewayMulticastGroupSources | Write |
ec2:RejectCapacityReservationBillingOwnership | Write |
ec2:RejectTransitGatewayMulticastDomainAssociations | Write |
ec2:RejectTransitGatewayPeeringAttachment | Write |
ec2:RejectTransitGatewayVpcAttachment | Write |
ec2:RejectVpcEndpointConnections | Write |
ec2:RejectVpcPeeringConnection | Write |
ec2:ReleaseAddress | Write |
ec2:ReleaseHosts | Write |
ec2:ReleaseIpamPoolAllocation | Write |
ec2:ReplaceIamInstanceProfileAssociation | Read |
ec2:ReplaceImageCriteriaInAllowedImagesSettings | Read |
ec2:ReplaceNetworkAclAssociation | Read |
ec2:ReplaceNetworkAclEntry | Read |
ec2:ReplaceRoute | Read |
ec2:ReplaceRouteTableAssociation | Read |
ec2:ReplaceTransitGatewayRoute | Read |
ec2:ReplaceVpnTunnel | Read |
ec2:ReportInstanceStatus | Read |
ec2:RequestSpotFleet | Read |
ec2:RequestSpotInstances | Read |
ec2:ResetAddressAttribute | Write |
ec2:ResetEbsDefaultKmsKeyId | Write |
ec2:ResetFpgaImageAttribute | Write |
ec2:ResetImageAttribute | Write |
ec2:ResetInstanceAttribute | Write |
ec2:ResetNetworkInterfaceAttribute | Write |
ec2:ResetSnapshotAttribute | Write |
ec2:RestoreAddressToClassic | Write |
ec2:RestoreImageFromRecycleBin | Write |
ec2:RestoreManagedPrefixListVersion | Write |
ec2:RestoreSnapshotFromRecycleBin | Write |
ec2:RestoreSnapshotTier | Write |
ec2:RestoreVolumeFromRecycleBin | Write |
ec2:RevokeClientVpnIngress | Write |
ec2:RevokeSecurityGroupEgress | Write |
ec2:RevokeSecurityGroupIngress | Write |
ec2:RunInstances | Write |
ec2:RunScheduledInstances | Write |
ec2:SearchLocalGatewayRoutes | List |
ec2:SearchTransitGatewayMulticastGroups | List |
ec2:SearchTransitGatewayRoutes | List |
ec2:SendDiagnosticInterrupt | Write |
ec2:SendSpotInstanceInterruptions | Write |
ec2:StartDeclarativePoliciesReport | Write |
ec2:StartInstances | Write |
ec2:StartNetworkInsightsAccessScopeAnalysis | Write |
ec2:StartNetworkInsightsAnalysis | Write |
ec2:StartVpcEndpointServicePrivateDnsVerification | Write |
ec2:StopInstances | Write |
ec2:TerminateClientVpnConnections | Write |
ec2:TerminateInstances | Write |
ec2:UnassignIpv6Addresses | Write |
ec2:UnassignPrivateIpAddresses | Write |
ec2:UnassignPrivateNatGatewayAddress | Write |
ec2:UnlockSnapshot | Read |
ec2:UnmonitorInstances | Read |
ec2:UpdateCapacityManagerOrganizationsAccess | Write |
ec2:UpdateInterruptibleCapacityReservationAllocation | Write |
ec2:UpdateSecurityGroupRuleDescriptionsEgress | Write |
ec2:UpdateSecurityGroupRuleDescriptionsIngress | Write |
ec2:WithdrawByoipCidr | Read |
Resource Types
ARN patterns for resources in this service.
| Resource | ARN Pattern |
|---|---|
${ResourceType} | arn:aws:ec2:${Region}:${Account}:${ResourceType}/${ResourcePath} |
Condition Keys
Condition keys you can use in IAM policy conditions for this service.
aws:RequestTag/${TagKey}aws:ResourceTag/${TagKey}aws:TagKeysec2:AccepterVpcec2:Add/groupec2:Add/userIdec2:AllocationIdec2:AssociatePublicIpAddressec2:Attributeec2:Attribute/${AttributeName}ec2:AuthenticationTypeec2:AuthorizedServiceec2:AuthorizedUserec2:AutoPlacementec2:AvailabilityZoneec2:AvailabilityZoneIdec2:CapacityReservationFleetec2:ClientRootCertificateChainArnec2:CloudwatchLogGroupArnec2:CloudwatchLogStreamArnec2:CommitmentDurationec2:CpuOptionsAmdSevSnpec2:CreateActionec2:CreateDateec2:DPDTimeoutSecondsec2:DestinationCapacityReservationIdec2:DhcpOptionsIDec2:DirectoryArnec2:Domainec2:EbsOptimizedec2:ElasticGpuTypeec2:Encryptedec2:EndDateec2:EndDateTypeec2:EphemeralStorageec2:FisActionIdec2:FisTargetArnsec2:GatewayTypeec2:HostRecoveryec2:IKEVersionsec2:ImageIDec2:ImageTypeec2:InsideTunnelCidrec2:InsideTunnelIpv6Cidrec2:InstanceAutoRecoveryec2:InstanceBandwidthWeightingec2:InstanceCountec2:InstanceIDec2:InstanceMarketTypeec2:InstanceMatchCriteriaec2:InstanceMetadataTagsec2:InstancePlatformec2:InstanceProfileec2:InstanceTypeec2:InternetGatewayIDec2:InterruptibleCapacityReservationIdec2:InterruptionTypeec2:IpamPrefixListResolverTargetIdec2:Ipv4IpamPoolIdec2:Ipv6IpamPoolIdec2:IsInterruptibleec2:IsLaunchTemplateResourceec2:KeyPairNameec2:KeyPairTypeec2:KmsKeyIdec2:LaunchTemplateec2:Locationec2:ManagedResourceOperatorec2:MetadataHttpEndpointec2:MetadataHttpPutResponseHopLimitec2:MetadataHttpTokensec2:NetworkAclIDec2:NetworkInterfaceIDec2:NewInstanceProfileec2:OutpostArnec2:Ownerec2:ParentSnapshotec2:ParentVolumeec2:Permissionec2:Phase1DHGroupec2:Phase1EncryptionAlgorithmsec2:Phase1IntegrityAlgorithmsec2:Phase1LifetimeSecondsec2:Phase2DHGroupec2:Phase2EncryptionAlgorithmsec2:Phase2IntegrityAlgorithmsec2:Phase2LifetimeSecondsec2:PlacementGroupec2:PlacementGroupNameec2:PlacementGroupStrategyec2:ProductCodeec2:Publicec2:PublicIpAddressec2:Quantityec2:Regionec2:RekeyFuzzPercentageec2:RekeyMarginTimeSecondsec2:Remove/groupec2:Remove/userIdec2:ReplayWindowSizePacketsec2:RequesterVpcec2:ReservedInstancesOfferingTypeec2:ResourceTag/${TagKey}ec2:RoleDeliveryec2:RootDeviceTypeec2:RouteTableIDec2:RoutingTypeec2:SamlProviderArnec2:SecurityGroupIDec2:ServerCertificateArnec2:SnapshotCoolOffPeriodec2:SnapshotIDec2:SnapshotLockDurationec2:SnapshotTimeec2:SourceAvailabilityZoneec2:SourceCapacityReservationIdec2:SourceInstanceARNec2:SourceOutpostArnec2:Subnetec2:SubnetIDec2:TargetInstanceCountec2:Tenancyec2:VolumeIDec2:VolumeInitializationRateec2:VolumeIopsec2:VolumeSizeec2:VolumeThroughputec2:VolumeTypeec2:Vpcec2:VpcIDec2:VpcPeeringConnectionIDec2:VpceMultiRegionec2:VpcePrivateDnsPreferenceec2:VpcePrivateDnsSpecifiedDomainsec2:VpceServiceNameec2:VpceServiceOwnerec2:VpceServicePrivateDnsNameec2:VpceServiceRegionec2:VpceSupportedRegionec2:transitGatewayAttachmentIdec2:transitGatewayConnectPeerIdec2:transitGatewayIdec2:transitGatewayMeteringPolicyIdec2:transitGatewayMulticastDomainIdec2:transitGatewayPolicyTableIdec2:transitGatewayRouteTableAnnouncementIdec2:transitGatewayRouteTableIdGet the Amazon EC2 Cheat Sheet
Everything you need to know about Amazon EC2 on one page. HD quality, print-friendly.
Download Free InfographicGet the Amazon EC2 Cheat Sheet
Everything you need to know about Amazon EC2 on one page. HD quality, print-friendly.
Download Free InfographicQuick Facts
Total Actions780
Prefix
ec2Resource Types1
Condition Keys147
Access Level Breakdown
Read284
Write445
List6
Permissions42
Tagging3