ec2:CreateIpamPrefixListResolver

Write

ec2:CreateIpamPrefixListResolver is a Write access-level action in the ec2 service. Grants permission to create an IPAM prefix list resolver that defines rules for selecting CIDRs to include in prefix lists

Resource types

ARNs that ec2:CreateIpamPrefixListResolver can be scoped to in an IAM policy.

arn:${Partition}:ec2::${Account}:ipam/${IpamId}
ipam
arn:${Partition}:ec2::${Account}:ipam-prefix-list-resolver/${IpamPrefixListResolverId}
ipam-prefix-list-resolver
arn:${Partition}:ec2::${Account}:ipam-scope/${IpamScopeId}
ipam-scope

Condition keys

Keys you can use in the Condition block of a policy that grants ec2:CreateIpamPrefixListResolver.

aws:RequestTag/${TagKey} String

Filters access by a tag key and value pair that is allowed in the request

aws:ResourceTag/${TagKey} String

Filters access by a tag key and value pair of a resource

aws:TagKeys ArrayOfString

Filters access by a list of tag keys that are allowed in the request

ec2:Attribute String

Filters access by an attribute of a resource

ec2:Attribute/${AttributeName} String

Filters access by an attribute being set on a resource

ec2:Region String

Filters access by the name of the AWS Region

ec2:ResourceTag/${TagKey} String

Filters access by a tag key and value pair of a resource

Dependent actions

To use ec2:CreateIpamPrefixListResolver you may also need to grant:

Example IAM policy

A minimal policy that allows ec2:CreateIpamPrefixListResolver. Replace "Resource": "*" with a specific ARN to follow least privilege.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowEc2CreateIpamPrefixListResolver",
      "Effect": "Allow",
      "Action": "ec2:CreateIpamPrefixListResolver",
      "Resource": "*"
    }
  ]
}

Related actions in ec2

View all ec2 actions →