AWS Direct Connect (IAM)
AWS Direct Connect is a cloud service that makes it easy to establish a dedicated network connection from your premises to AWS.
Common permissions
- directconnect:DescribeConnections
- directconnect:DescribeLags
- directconnect:DescribeLocations
- directconnect:DescribeVirtualInterfaces
- directconnect:DescribeDirectConnectGateways
- directconnect:CreateConnection
- directconnect:CreateLag
- directconnect:TagResource
Least-privilege example
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "directconnect:DescribeConnections",
        "directconnect:DescribeLags",
        "directconnect:DescribeLocations",
        "directconnect:DescribeVirtualInterfaces",
        "directconnect:DescribeDirectConnectGateways",
        "directconnect:CreateConnection",
        "directconnect:CreateLag",
        "directconnect:TagResource"
      ],
      "Resource": "*"
    }
  ]
}
Warnings
- Avoid directconnect:* — grants full control including delete and modify operations.
- Avoid directconnect:DeleteConnection — can permanently delete network connections.
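A statement-level check for the two warnings above, as an added example that is not part of the original page. The names `audit_policy` and `BROAD_POLICY` and the issue labels are hypothetical, and the sample policy is constructed. It goes beyond the literal strings in the warnings by also catching wildcard patterns and `NotAction` grants that cover `directconnect:DeleteConnection`.

```python
import fnmatch

DELETE = "directconnect:DeleteConnection"  # action named in the page's warning

# Constructed sample (not from the page): three ways to over-grant.
BROAD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "directconnect:*", "Resource": "*"},
    {"Effect": "Allow", "Action": ["directconnect:Describe*", "DirectConnect:Delete*"], "Resource": "*"},
    {"Effect": "Allow", "NotAction": "iam:*", "Resource": "*"},
]}

def _listify(value):
    """IAM accepts a single string or object where a list is expected."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _covers(pattern, action):
    """IAM action matching: case-insensitive, with * and ? wildcards."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())

def _whole_service(pattern):
    """True for '*' or 'directconnect:*' style grants of every action."""
    if pattern and not pattern.strip("*"):
        return True
    service, _, name = pattern.lower().partition(":")
    return service == "directconnect" and bool(name) and not name.strip("*")

def audit_policy(policy):
    """Return sorted (statement_index, issue, granting_element) findings.

    Statement-level check of Allow statements only: Deny statements,
    conditions and permission boundaries are not evaluated.
    """
    findings = set()
    for idx, stmt in enumerate(_listify(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            # Allow + NotAction grants every action that is not listed.
            if not any(_covers(p, DELETE) for p in _listify(stmt["NotAction"])):
                findings.add((idx, "delete-connection", "NotAction"))
            continue
        for pattern in _listify(stmt.get("Action")):
            if _whole_service(pattern):
                findings.add((idx, "full-control", pattern))
            elif _covers(pattern, DELETE):
                findings.add((idx, "delete-connection", pattern))
    return sorted(findings)
```

Run against the least-privilege policy shown earlier, `audit_policy` returns an empty list; each finding on another policy names the statement index and the pattern that produced it.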
Resources
API
full doc /v1/iam/directconnect