AWS notification about new IAM policies for EC2 CreateSecurityGroup API

Question

I'm having troubles understanding what's happening with an email sent by AWS about "[Action Required] Update Allow IAM policies for EC2 CreateSecurityGroup API by June 30, 2024. [AWS Account: xxxxxxx] [US-EAST-2]"

for those who have received could you please exmplain better what we shall do ? they said to replace vpc arn *arn:aws:ec2:ExampleRegion:ExampleVpcParticipant:vpc/ExampleVpcId* to *arn:aws:ec2:ExampleRegion:ExampleVpcOwner:vpc/ExampleVpcId * but they did not provide an example of what ExampleVpcParticipant and ExampleVpcOwner could be.

all my IAM policies that include a vpc arn are in format of "arn:aws:ec2:*:xxxxxxx:vpc/*" where xxxxxxx is the account ID, so what's wrong with it ?

on the AWS health dashboard, the affected resources redirects me to *https://console.aws.amazon.com/vpc/home?region=us-east-2*, not to a specific VPC nor to a specific IAM policy. so it's very confusing to understand what's the problem.

rePost-User-6152965 · Accepted Answer

Contacted support, after some back and forth here's their reply:

> "The team have confirmed that you don't need to take any further action at this time, but if you ever receive a notice like this again, you will need to get direct assistance from the VPC Team"
No further action is required of you at this time.

Niko · Answer

Do you have multiple accounts and you are sharing your VPC ?

AWS notification about new IAM policies for EC2 CreateSecurityGroup API

Add your answer

Relevant content