Amazon VPC March 2020 Update

Released on March 23rd, 2020

Use Amazon VPC Endpoint Policies for Granular Control of Amazon EC2 APIs

Amazon Elastic Compute Cloud (EC2) now lets you attach IAM resource policies to your VPC endpoints. VPC endpoint policies can help you meet compliance and regulatory requirements by granularly controlling access to Amazon EC2 APIs.

You can use a VPC endpoint policy to define the Amazon EC2 actions (RunInstances, CreateVolume, etc.) that may be performed, the principal that may perform the actions, and the resources on which the actions may be performed. The list of resource types supported for each EC2 action can be found in the Amazon EC2 IAM policy documentation.

VPC endpoint policies for Amazon EC2 are available in all public AWS regions. You can get started with endpoint policies by creating a VPC endpoint for Amazon EC2, or by adding a policy to an existing VPC endpoint. For more information about using VPC endpoint policies, see the Amazon EC2 documentation.
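A sketch of what such an endpoint policy can look like, added here as an illustration and not taken from the announcement or from AWS's own examples: it lets one role call a small set of EC2 actions through the endpoint and denies CreateVolume for unencrypted volumes regardless of caller. The account ID 111122223333, the role name ExampleProvisioningRole and the Sid values are constructed placeholders.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowEc2ForProvisioningRoleOnly",
      "Effect": "Allow",
      "Principal": "*",
      "Action": [
        "ec2:Describe*",
        "ec2:RunInstances",
        "ec2:CreateVolume"
      ],
      "Resource": "*",
      "Condition": {
        "ArnEquals": {
          "aws:PrincipalArn": "arn:aws:iam::111122223333:role/ExampleProvisioningRole"
        }
      }
    },
    {
      "Sid": "DenyUnencryptedVolumes",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "ec2:CreateVolume",
      "Resource": "*",
      "Condition": {
        "Bool": {
          "ec2:Encrypted": "false"
        }
      }
    }
  ]
}
```

An endpoint policy only limits what can pass through the endpoint; it grants nothing by itself, so the caller's IAM identity policy must still allow the same actions.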

Amazon VPC Flow Logs Now Support Resource Tagging and Tag-on-Create

You can now tag your Amazon Virtual Private Cloud (VPC) flow logs. A tag is a simple label consisting of a user-defined key and an optional value that can be used to easily manage, categorize and search for your VPC flow log subscriptions based on purpose, owner, or other such criteria.  

To get started, you can specify tags while creating new VPC flow logs. You can also add, edit or delete tags on your existing VPC flow logs after creation. 

This functionality is available at no additional charge through the AWS Management Console, the AWS Command Line Interface (AWS CLI) or the AWS Software Development Kit (AWS SDK). To learn more about tagging, please visit the user guide. To learn more about Amazon VPC flow logs, please refer to the documentation.

Amazon VPC NAT Gateway Now Supports Tag-on-Create

Amazon VPC Network Address Translation (NAT) gateway now supports adding tags at the time of resource creation, and tag-based access control. You can define fine-grained access controls for NAT gateways using tags and AWS Identity and Access Management (IAM) policies. Tags are simple key-value pairs that you can assign to resources to easily organize, search, and identify resources, create cost allocation reports, and control access to resources.

NAT gateway is a highly available AWS managed service that enables instances in a private subnet to connect to the internet, but prevents the internet from initiating a connection with those instances.  

Tagging NAT gateways at the time of creation is available in all AWS Regions. Click here to learn more about tagging. To learn more about VPC NAT Gateway, please visit our documentation.
