ModifyVpcEndpointServicePermissions - Amazon Elastic Compute Cloud
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

ModifyVpcEndpointServicePermissions

Modifies the permissions for your VPC endpoint service. You can add or remove permissions for service consumers (Amazon Web Services accounts, users, and IAM roles) to connect to your endpoint service.

If you grant permissions to all principals, the service is public. Any users who know the name of a public service can send a request to attach an endpoint. If the service does not require manual approval, attachments are automatically approved.

Request Parameters

The following parameters are for this specific action. For more information about required and optional parameters that are common to all actions, see Common Query Parameters.

AddAllowedPrincipals.N

The Amazon Resource Names (ARN) of the principals. Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*).

Type: Array of strings

Required: No

DryRun

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

Type: Boolean

Required: No

RemoveAllowedPrincipals.N

The Amazon Resource Names (ARN) of the principals. Permissions are revoked for principals in this list.

Type: Array of strings

Required: No

ServiceId

The ID of the service.

Type: String

Required: Yes

Response Elements

The following elements are returned by the service.

addedPrincipalSet

Information about the added principals.

Type: Array of AddedPrincipal objects

requestId

The ID of the request.

Type: String

return

Returns true if the request succeeds; otherwise, it returns an error.

Type: Boolean

Errors

For information about the errors that are common to all actions, see Common client error codes.

Examples

Example

This example permits all principals in Amazon Web Services account 123456789012 to connect to your endpoint service vpce-svc-03d5ebb7d9579a2b3.

Sample Request

https://ec2.amazonaws.com/?Action=ModifyVpcEndpointServicePermissions &ServiceId=vpce-svc-03d5ebb7d9579a2b3 &AddAllowedPrincipals.1=arn:aws:iam::123456789012:root &AUTHPARAMS

Sample Response

<ModifyVpcEndpointServicePermissionsResponse xmlns="http://ec2.amazonaws.com/doc/2016-11-15/"> <requestId>08d80840-f750-42db-a6f8-2cd32example</requestId> <return>true</return> </ModifyVpcEndpointServicePermissionsResponse>

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: