AWS IAM launches new VPC endpoint condition keys for network perimeter controls
AWS IAM has introduced three new global condition keys to enhance network perimeter controls for AWS resources:
- aws:VpceAccount - Controls access through VPC endpoints at the account level
- aws:VpceOrgPaths - Provides control at the organization path level
- aws:VpceOrgID - Enables controls at the entire organization level
Key benefits of these condition keys include:
- Automatic scaling with VPC usage
- No need to manually update policies when adding/removing VPC endpoints
- Compatible with existing service control, resource control, resource-based, and identity-based policies
- Supported across select AWS services in commercial regions with PrivateLink
These new condition keys provide granular network perimeter controls for enhanced AWS resource security.
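An added example, not taken from the announcement: an S3 bucket policy that denies access unless the request arrives through a VPC endpoint owned by the organization, using aws:VpceOrgID where a policy would otherwise enumerate endpoint IDs in aws:SourceVpce. The bucket name and organization ID are placeholders, and the example assumes the target service is one of those that supports the key.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DenyUnlessViaOrgOwnedVpcEndpoint",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::amzn-s3-demo-bucket",
        "arn:aws:s3:::amzn-s3-demo-bucket/*"
      ],
      "Condition": {
        "StringNotEquals": {
          "aws:VpceOrgID": "o-EXAMPLEORGID"
        }
      }
    }
  ]
}
```

StringNotEquals also matches when the key is absent from the request context, so a request that carries no aws:VpceOrgID value is denied as well. Validate a statement like this against a non-production resource before attaching it broadly, since a Deny on `Principal: "*"` applies to administrators too.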