AWS Direct Connect itself has NO specific resources for you to control access to. Therefore,
there are no AWS Direct Connect Amazon Resource Names (ARNs) for you to use in an Identity
and Access Management (IAM) policy. With that in mind, how is it possible to write a policy to
control access to AWS Direct Connect actions?
A.
You can leave the resource name field blank.
B.
You can choose the name of the AWS Direct Connection as the resource.
C.
You can use an asterisk (*) as the resource.
D.
You can create a name for the resource.
Explanation:
AWS Direct Connect itself has no specific resources for you to control access to. Therefore, there
are no AWS Direct Connect ARNs for you to use in an IAM policy. You use an asterisk (*) as the
resource when writing a policy to control access to AWS Direct Connect actions.
http://docs.aws.amazon.com/directconnect/latest/UserGuide/using_iam.html