route53resolver:PutFirewallRuleGroupPolicy

Permissions management

route53resolver:PutFirewallRuleGroupPolicy is a Permissions management access-level action in the route53resolver service. Grants permission to specify an AWS account that you want to share a Firewall rule group with, the Firewall rule group that you want to share, and the operations that you want the account to be able to perform on the configuration

Resource types

ARNs that route53resolver:PutFirewallRuleGroupPolicy can be scoped to in an IAM policy.

arn:${Partition}:route53resolver:${Region}:${Account}:firewall-rule-group/${ResourceId}
firewall-rule-group

Condition keys

Keys you can use in the Condition block of a policy that grants route53resolver:PutFirewallRuleGroupPolicy.

aws:ResourceTag/${TagKey} String

Filters access by the presence of tag key-value pairs attached to the resource

Example IAM policy

A minimal policy that allows route53resolver:PutFirewallRuleGroupPolicy. Replace "Resource": "*" with a specific ARN to follow least privilege.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowRoute53resolverPutFirewallRuleGroupPolicy",
      "Effect": "Allow",
      "Action": "route53resolver:PutFirewallRuleGroupPolicy",
      "Resource": "*"
    }
  ]
}

Related actions in route53resolver

View all route53resolver actions →