AWS IAM launches aws:SourceVpcArn condition key for region-based access control
This article announces the launch of the aws:SourceVpcArn condition key in AWS IAM for region-based access control through AWS PrivateLink.
- New global condition key enables region-based access controls for PrivateLink resources
- Returns the ARN of the VPC where the VPC endpoint is attached
- Lets policies verify that a request came through a specific VPC, in same-Region or cross-Region scenarios
- Helps enforce data residency requirements for resource access
- Example use case: restrict S3 bucket access to specific regional VPC endpoints
- Available in all commercial AWS Regions
In summary, aws:SourceVpcArn provides customers with enhanced control over private resource access by enforcing region-based policies through VPC endpoints.
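The S3 use case from the list above, sketched as a bucket policy. This is an added example, not taken from the announcement; the bucket name `amzn-s3-demo-bucket`, the Region `us-east-1` and the `Sid` are placeholders chosen for illustration.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ExampleDenyOutsideUsEast1Vpcs",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::amzn-s3-demo-bucket",
        "arn:aws:s3:::amzn-s3-demo-bucket/*"
      ],
      "Condition": {
        "ArnNotLike": {
          "aws:SourceVpcArn": "arn:aws:ec2:us-east-1:*:vpc/*"
        }
      }
    }
  ]
}
```

Negated condition operators such as `ArnNotLike` also match when the key is absent from the request, so this statement denies every request that does not arrive through a VPC endpoint, including console and administrative access. To restrict only traffic that does come through an endpoint, add `"Null": {"aws:SourceVpcArn": "false"}` to the same condition block.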