Amazon VPC Lattice (IAM)
Amazon VPC Lattice is a fully managed application networking service that connects, monitors, and secures communications between your services.
Common permissions
- vpc-lattice:GetService
- vpc-lattice:ListServices
- vpc-lattice:CreateService
- vpc-lattice:GetListener
- vpc-lattice:ListListeners
- vpc-lattice:GetTargetGroup
- vpc-lattice:ListTargetGroups
- vpc-lattice:ListTargets

Least-privilege example
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "vpc-lattice:GetService",
        "vpc-lattice:ListServices",
        "vpc-lattice:CreateService",
        "vpc-lattice:GetListener",
        "vpc-lattice:ListListeners",
        "vpc-lattice:GetTargetGroup",
        "vpc-lattice:ListTargetGroups",
        "vpc-lattice:ListTargets"
      ],
      "Resource": "*"
    }
  ]
}

Warnings
- Avoid vpc-lattice:* — grants full control including delete/modify of services, listeners, and target groups
- Avoid vpc-lattice:PutAuthPolicy — can overwrite auth policies, potentially exposing services
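
An added example (not part of the original page): a small Python check that flags the two grants warned about above in an IAM policy document, including wildcard patterns and Allow + NotAction statements that end up covering vpc-lattice:PutAuthPolicy. The function names and the sample policy are constructed for illustration.

```python
import re

WATCHED = "vpc-lattice:PutAuthPolicy"    # action named in the warnings above
FULL_CONTROL = {"*", "vpc-lattice:*"}    # wildcards covering the whole service

def _listify(value):
    """IAM lets Statement and Action be a single item or a list."""
    if value is None:
        return []
    return list(value) if isinstance(value, (list, tuple)) else [value]

def _matches(pattern, action):
    """IAM action matching: case-insensitive, '*' = any run, '?' = one char."""
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, action, re.IGNORECASE) is not None

def audit_policy(policy):
    """Return (statement_index, offending_element, reason) for each finding."""
    findings = []
    for idx, stmt in enumerate(_listify(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot grant the risky actions
        if "NotAction" in stmt:
            # Allow + NotAction grants every action that is NOT listed.
            excluded = _listify(stmt["NotAction"])
            if not any(_matches(p, WATCHED) for p in excluded):
                findings.append((idx, "NotAction", "grants " + WATCHED))
            continue
        for pattern in _listify(stmt.get("Action")):
            if pattern.lower() in FULL_CONTROL:
                findings.append((idx, pattern, "full control of VPC Lattice"))
            elif _matches(pattern, WATCHED):
                findings.append((idx, pattern, "grants " + WATCHED))
    return findings

# Constructed sample policy (not from the page) exercising each case.
SAMPLE = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["vpc-lattice:GetService"], "Resource": "*"},
        {"Effect": "Allow", "Action": "vpc-lattice:put*", "Resource": "*"},
        {"Effect": "Allow", "Action": ["vpc-lattice:*"], "Resource": "*"},
        {"Effect": "Allow", "NotAction": "vpc-lattice:Get*", "Resource": "*"},
        {"Effect": "Deny", "Action": "vpc-lattice:PutAuthPolicy", "Resource": "*"},
    ],
}

if __name__ == "__main__":
    print(audit_policy(SAMPLE))
```

The check looks at each statement on its own; it does not evaluate conditions, resource scoping, or an explicit Deny elsewhere that would override a flagged Allow.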