The aws-directconnect mod contains resource, control and policy definitions for AWS Direct Connect service.
Resource Types
Resource types covered by this mod:
- AWS > Direct Connect
- AWS > Direct Connect > Connection
- AWS > Direct Connect > Direct Connect Gateway
- AWS > Direct Connect > Lag
- AWS > Direct Connect > Virtual Interface
Permissions
Taking a look at permissions and associated grant levels for each permission for Direct Connect:
Permission | Grant Level | Help |
---|---|---|
directconnect:AllocateConnectionOnInterconnect | Admin | Admins can manage interconnects. |
directconnect:AllocateHostedConnection | Admin | Admins can manage hosted connections. |
directconnect:AllocatePrivateVirtualInterface | Admin | Admins can manage virtual interfaces. |
directconnect:AllocatePublicVirtualInterface | Admin | Admins can manage virtual interfaces. |
directconnect:AssociateConnectionWithLag | Admin | Admins can manage link aggregation groups (LAGs). |
directconnect:AssociateHostedConnection | Admin | Admins can manage hosted connections. |
directconnect:AssociateVirtualInterface | Admin | Admins can manage virtual interfaces. |
directconnect:ConfirmConnection | Admin | Admins can manage connections. |
directconnect:ConfirmPrivateVirtualInterface | Admin | Admins can manage virtual interfaces. |
directconnect:ConfirmPublicVirtualInterface | Admin | Admins can manage virtual interfaces. |
directconnect:CreateBGPPeer | Admin | Admins can manage virtual interfaces. |
directconnect:CreateConnection | Admin | Admins can manage connections. |
directconnect:CreateDirectConnectGateway | Admin | Admins can manage direct connect gateway. |
directconnect:CreateDirectConnectGatewayAssociation | Admin | Admins can manage direct connect gateway. |
directconnect:CreateInterconnect | Admin | Admins can manage interconnects. |
directconnect:CreateLag | Admin | Admins can manage link aggregation groups (LAGs). |
directconnect:CreatePrivateVirtualInterface | Admin | Admins can manage virtual interfaces. |
directconnect:CreatePublicVirtualInterface | Admin | Admins can manage virtual interfaces. |
directconnect:DeleteBGPPeer | Admin | Admins can manage virtual interfaces. |
directconnect:DeleteConnection | Admin | Admins can manage connections. |
directconnect:DeleteDirectConnectGateway | Admin | Admins can manage direct connect gateway. |
directconnect:DeleteDirectConnectGatewayAssociation | Admin | Admins can manage direct connect gateway. |
directconnect:DeleteInterconnect | Admin | Admins can manage interconnects. |
directconnect:DeleteLag | Admin | Admins can manage link aggregation groups (LAGs). |
directconnect:DeleteVirtualInterface | Admin | Admins can manage virtual interfaces. |
directconnect:DescribeConnectionLoa | Admin | Retrival of LOA-CFAs restricted to admins. |
directconnect:DescribeConnections | Metadata | |
directconnect:DescribeConnectionsOnInterconnect | Metadata | |
directconnect:DescribeDirectConnectGatewayAssociations | Metadata | List of all direct connect gateway and virtual private gateway (VGW) associations. |
directconnect:DescribeDirectConnectGatewayAttachments | Metadata | List of all direct connect gateway and virtual interface (VIF) attachments. |
directconnect:DescribeDirectConnectGateways | Metadata | |
directconnect:DescribeHostedConnections | Metadata | |
directconnect:DescribeInterconnectLoa | Admin | Deprecated in favor of DescribeLoa but included to simplify policy document. |
directconnect:DescribeInterconnects | Metadata | |
directconnect:DescribeLags | Metadata | |
directconnect:DescribeLoa | Admin | Retrival of LOA-CFAs restricted to admins. |
directconnect:DescribeLocations | Metadata | |
directconnect:DescribeTags | Metadata | |
directconnect:DescribeVirtualGateways | Metadata | |
directconnect:DescribeVirtualInterfaces | Metadata | |
directconnect:DisassociateConnectionFromLag | Admin | Admins can manage link aggregation groups (LAGs). |
directconnect:TagResource | Operator | |
directconnect:UntagResource | Operator | |
directconnect:UpdateDirectConnectGateway | Admin | |
directconnect:UpdateLag | Admin | Admins can manage link aggregation groups (LAGs). |
directconnect:UpdateVirtualInterfaceAttributes | Admin | |
ec2:DescribeVpnGateways | Metadata | Required for accepting virtual interfaces. |
Learn More About Turbot
- Setting Policies Tutorial
- Mods Overview
- Policies Overview
- Resources Overview
- Common Policies and Controls
Recommended Version
Version
5.3.0
Released On
Jun 01, 2023
Depends On
Resource Types
- AWS > Direct Connect
- AWS > Direct Connect > Connection
- AWS > Direct Connect > Direct Connect Gateway
- AWS > Direct Connect > Lag
- AWS > Direct Connect > Virtual Interface
Control Types
- AWS > Direct Connect > Connection > Active
- AWS > Direct Connect > Connection > Approved
- AWS > Direct Connect > Connection > CMDB
- AWS > Direct Connect > Connection > Discovery
- AWS > Direct Connect > Connection > Tags
- AWS > Direct Connect > Connection > Usage
- AWS > Direct Connect > Direct Connect Gateway > Active
- AWS > Direct Connect > Direct Connect Gateway > Approved
- AWS > Direct Connect > Direct Connect Gateway > CMDB
- AWS > Direct Connect > Direct Connect Gateway > Discovery
- AWS > Direct Connect > Direct Connect Gateway > Usage
- AWS > Direct Connect > Lag > Active
- AWS > Direct Connect > Lag > Approved
- AWS > Direct Connect > Lag > CMDB
- AWS > Direct Connect > Lag > Discovery
- AWS > Direct Connect > Lag > Tags
- AWS > Direct Connect > Lag > Usage
- AWS > Direct Connect > Virtual Interface > Active
- AWS > Direct Connect > Virtual Interface > Approved
- AWS > Direct Connect > Virtual Interface > CMDB
- AWS > Direct Connect > Virtual Interface > Discovery
- AWS > Direct Connect > Virtual Interface > Tags
- AWS > Direct Connect > Virtual Interface > Usage
Policy Types
- AWS > Direct Connect > API Enabled
- AWS > Direct Connect > Approved Regions [Default]
- AWS > Direct Connect > Connection > Active
- AWS > Direct Connect > Connection > Active > Age
- AWS > Direct Connect > Connection > Active > Last Modified
- AWS > Direct Connect > Connection > Approved
- AWS > Direct Connect > Connection > Approved > Custom
- AWS > Direct Connect > Connection > Approved > Regions
- AWS > Direct Connect > Connection > Approved > Usage
- AWS > Direct Connect > Connection > CMDB
- AWS > Direct Connect > Connection > Regions
- AWS > Direct Connect > Connection > Tags
- AWS > Direct Connect > Connection > Tags > Template
- AWS > Direct Connect > Connection > Usage
- AWS > Direct Connect > Connection > Usage > Limit
- AWS > Direct Connect > Direct Connect Gateway > Active
- AWS > Direct Connect > Direct Connect Gateway > Active > Age
- AWS > Direct Connect > Direct Connect Gateway > Active > Last Modified
- AWS > Direct Connect > Direct Connect Gateway > Approved
- AWS > Direct Connect > Direct Connect Gateway > Approved > Custom
- AWS > Direct Connect > Direct Connect Gateway > Approved > Usage
- AWS > Direct Connect > Direct Connect Gateway > CMDB
- AWS > Direct Connect > Direct Connect Gateway > Usage
- AWS > Direct Connect > Direct Connect Gateway > Usage > Limit
- AWS > Direct Connect > Enabled
- AWS > Direct Connect > Lag > Active
- AWS > Direct Connect > Lag > Active > Age
- AWS > Direct Connect > Lag > Active > Last Modified
- AWS > Direct Connect > Lag > Approved
- AWS > Direct Connect > Lag > Approved > Custom
- AWS > Direct Connect > Lag > Approved > Regions
- AWS > Direct Connect > Lag > Approved > Usage
- AWS > Direct Connect > Lag > CMDB
- AWS > Direct Connect > Lag > Regions
- AWS > Direct Connect > Lag > Tags
- AWS > Direct Connect > Lag > Tags > Template
- AWS > Direct Connect > Lag > Usage
- AWS > Direct Connect > Lag > Usage > Limit
- AWS > Direct Connect > Permissions
- AWS > Direct Connect > Permissions > Levels
- AWS > Direct Connect > Permissions > Levels > Modifiers
- AWS > Direct Connect > Permissions > Lockdown
- AWS > Direct Connect > Permissions > Lockdown > API Boundary
- AWS > Direct Connect > Regions
- AWS > Direct Connect > Tags Template [Default]
- AWS > Direct Connect > Virtual Interface > Active
- AWS > Direct Connect > Virtual Interface > Active > Age
- AWS > Direct Connect > Virtual Interface > Active > Last Modified
- AWS > Direct Connect > Virtual Interface > Approved
- AWS > Direct Connect > Virtual Interface > Approved > Custom
- AWS > Direct Connect > Virtual Interface > Approved > Regions
- AWS > Direct Connect > Virtual Interface > Approved > Usage
- AWS > Direct Connect > Virtual Interface > CMDB
- AWS > Direct Connect > Virtual Interface > Regions
- AWS > Direct Connect > Virtual Interface > Tags
- AWS > Direct Connect > Virtual Interface > Tags > Template
- AWS > Direct Connect > Virtual Interface > Usage
- AWS > Direct Connect > Virtual Interface > Usage > Limit
- AWS > Turbot > Event Handlers > Events > Rules > Event Sources > @turbot/aws-directconnect
- AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-directconnect
- AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-directconnect
- AWS > Turbot > Permissions > Compiled > Service Permissions > @turbot/aws-directconnect
Release Notes
5.3.0 (2023-06-01)
What's new?
- Resource's metadata will now also include
createdBy
details in Turbot CMDB. - README.md file is now available for users to check details about the resource types and service permissions that the mod covers.
5.2.0 (2023-03-30)
Resource Types
Added
- AWS > Direct Connect > Lag
Control Types
Added
- AWS > Direct Connect > Lag > Active
- AWS > Direct Connect > Lag > Approved
- AWS > Direct Connect > Lag > CMDB
- AWS > Direct Connect > Lag > Discovery
- AWS > Direct Connect > Lag > Tags
- AWS > Direct Connect > Lag > Usage
Policy Types
Added
- AWS > Direct Connect > Lag > Active
- AWS > Direct Connect > Lag > Active > Age
- AWS > Direct Connect > Lag > Active > Last Modified
- AWS > Direct Connect > Lag > Approved
- AWS > Direct Connect > Lag > Approved > Custom
- AWS > Direct Connect > Lag > Approved > Regions
- AWS > Direct Connect > Lag > Approved > Usage
- AWS > Direct Connect > Lag > CMDB
- AWS > Direct Connect > Lag > Regions
- AWS > Direct Connect > Lag > Tags
- AWS > Direct Connect > Lag > Tags > Template
- AWS > Direct Connect > Lag > Usage
- AWS > Direct Connect > Lag > Usage > Limit
Action Types
Added
- AWS > Direct Connect > Lag > Delete
- AWS > Direct Connect > Lag > Delete from AWS
- AWS > Direct Connect > Lag > Router
- AWS > Direct Connect > Lag > Set Tags
- AWS > Direct Connect > Lag > Skip alarm for Active control
- AWS > Direct Connect > Lag > Skip alarm for Active control [90 days]
- AWS > Direct Connect > Lag > Skip alarm for Approved control
- AWS > Direct Connect > Lag > Skip alarm for Approved control [90 days]
- AWS > Direct Connect > Lag > Skip alarm for Tags control
- AWS > Direct Connect > Lag > Skip alarm for Tags control [90 days]
- AWS > Direct Connect > Lag > Update Tags
5.1.0 (2022-12-16)
Resource Types
Added
- AWS > Direct Connect > Connection
- AWS > Direct Connect > Direct Connect Gateway
- AWS > Direct Connect > Virtual Interface
Control Types
Added
- AWS > Direct Connect > Connection > Active
- AWS > Direct Connect > Connection > Approved
- AWS > Direct Connect > Connection > CMDB
- AWS > Direct Connect > Connection > Discovery
- AWS > Direct Connect > Connection > Tags
- AWS > Direct Connect > Connection > Usage
- AWS > Direct Connect > Direct Connect Gateway > Active
- AWS > Direct Connect > Direct Connect Gateway > Approved
- AWS > Direct Connect > Direct Connect Gateway > CMDB
- AWS > Direct Connect > Direct Connect Gateway > Discovery
- AWS > Direct Connect > Direct Connect Gateway > Usage
- AWS > Direct Connect > Virtual Interface > Active
- AWS > Direct Connect > Virtual Interface > Approved
- AWS > Direct Connect > Virtual Interface > CMDB
- AWS > Direct Connect > Virtual Interface > Discovery
- AWS > Direct Connect > Virtual Interface > Tags
- AWS > Direct Connect > Virtual Interface > Usage
Policy Types
Added
- AWS > Direct Connect > Approved Regions [Default]
- AWS > Direct Connect > Connection > Active
- AWS > Direct Connect > Connection > Active > Age
- AWS > Direct Connect > Connection > Active > Last Modified
- AWS > Direct Connect > Connection > Approved
- AWS > Direct Connect > Connection > Approved > Custom
- AWS > Direct Connect > Connection > Approved > Regions
- AWS > Direct Connect > Connection > Approved > Usage
- AWS > Direct Connect > Connection > CMDB
- AWS > Direct Connect > Connection > Regions
- AWS > Direct Connect > Connection > Tags
- AWS > Direct Connect > Connection > Tags > Template
- AWS > Direct Connect > Connection > Usage
- AWS > Direct Connect > Connection > Usage > Limit
- AWS > Direct Connect > Direct Connect Gateway > Active
- AWS > Direct Connect > Direct Connect Gateway > Active > Age
- AWS > Direct Connect > Direct Connect Gateway > Active > Last Modified
- AWS > Direct Connect > Direct Connect Gateway > Approved
- AWS > Direct Connect > Direct Connect Gateway > Approved > Custom
- AWS > Direct Connect > Direct Connect Gateway > Approved > Usage
- AWS > Direct Connect > Direct Connect Gateway > CMDB
- AWS > Direct Connect > Direct Connect Gateway > Usage
- AWS > Direct Connect > Direct Connect Gateway > Usage > Limit
- AWS > Direct Connect > Regions
- AWS > Direct Connect > Virtual Interface > Active
- AWS > Direct Connect > Virtual Interface > Active > Age
- AWS > Direct Connect > Virtual Interface > Active > Last Modified
- AWS > Direct Connect > Virtual Interface > Approved
- AWS > Direct Connect > Virtual Interface > Approved > Custom
- AWS > Direct Connect > Virtual Interface > Approved > Regions
- AWS > Direct Connect > Virtual Interface > Approved > Usage
- AWS > Direct Connect > Virtual Interface > CMDB
- AWS > Direct Connect > Virtual Interface > Regions
- AWS > Direct Connect > Virtual Interface > Tags
- AWS > Direct Connect > Virtual Interface > Tags > Template
- AWS > Direct Connect > Virtual Interface > Usage
- AWS > Direct Connect > Virtual Interface > Usage > Limit
- AWS > Turbot > Event Handlers > Events > Rules > Event Sources > @turbot/aws-directconnect
Action Types
Added
- AWS > Direct Connect > Connection > Delete
- AWS > Direct Connect > Connection > Delete from AWS
- AWS > Direct Connect > Connection > Router
- AWS > Direct Connect > Connection > Set Tags
- AWS > Direct Connect > Connection > Skip alarm for Active control
- AWS > Direct Connect > Connection > Skip alarm for Active control [90 days]
- AWS > Direct Connect > Connection > Skip alarm for Approved control
- AWS > Direct Connect > Connection > Skip alarm for Approved control [90 days]
- AWS > Direct Connect > Connection > Skip alarm for Tags control
- AWS > Direct Connect > Connection > Skip alarm for Tags control [90 days]
- AWS > Direct Connect > Connection > Update Tags
- AWS > Direct Connect > Direct Connect Gateway > Delete
- AWS > Direct Connect > Direct Connect Gateway > Delete from AWS
- AWS > Direct Connect > Direct Connect Gateway > Router
- AWS > Direct Connect > Direct Connect Gateway > Skip alarm for Active control
- AWS > Direct Connect > Direct Connect Gateway > Skip alarm for Active control [90 days]
- AWS > Direct Connect > Direct Connect Gateway > Skip alarm for Approved control
- AWS > Direct Connect > Direct Connect Gateway > Skip alarm for Approved control [90 days]
- AWS > Direct Connect > Virtual Interface > Delete
- AWS > Direct Connect > Virtual Interface > Delete from AWS
- AWS > Direct Connect > Virtual Interface > Set Tags
- AWS > Direct Connect > Virtual Interface > Skip alarm for Active control
- AWS > Direct Connect > Virtual Interface > Skip alarm for Active control [90 days]
- AWS > Direct Connect > Virtual Interface > Skip alarm for Approved control
- AWS > Direct Connect > Virtual Interface > Skip alarm for Approved control [90 days]
- AWS > Direct Connect > Virtual Interface > Skip alarm for Tags control
- AWS > Direct Connect > Virtual Interface > Skip alarm for Tags control [90 days]
- AWS > Direct Connect > Virtual Interface > Update Tags
5.0.0 (2021-04-09)
Resource Types
Added
- AWS > Direct Connect
Policy Types
Added
- AWS > Direct Connect > API Enabled
- AWS > Direct Connect > Enabled
- AWS > Direct Connect > Permissions
- AWS > Direct Connect > Permissions > Levels
- AWS > Direct Connect > Permissions > Levels > Modifiers
- AWS > Direct Connect > Permissions > Lockdown
- AWS > Direct Connect > Permissions > Lockdown > API Boundary
- AWS > Direct Connect > Tags Template [Default]
- AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-directconnect
- AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-directconnect
- AWS > Turbot > Permissions > Compiled > Service Permissions > @turbot/aws-directconnect