George2: Created page with " In the AWS Management Console, click Services, then click IAM to open the IAM dashboard In the left navigation menu, click Policies. Click Create policy...."

2019-08-22T21:10:14Z

Created page with "<source lang="text"> In the AWS Management Console, click Services, then click IAM to open the IAM dashboard In the left navigation menu, click Policies. Click Create policy...."

New page

<source lang="text">
In the AWS Management Console, click Services, then click IAM to open the IAM dashboard
In the left navigation menu, click Policies.
Click Create policy.
Click the JSON tab.
In the editor textbox, completely replace the sample policy with the following.
</source>
<source lang="text">
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Sid1",
"Effect": "Allow",
"Action": [
"iam:*",
"rds:*",
"sns:*",
"cloudformation:*",
"rekognition:*",
"ec2:*",
"cognito-idp:*",
"sqs:*",
"xray:*",
"s3:*",
"elasticloadbalancing:*",
"cloud9:*",
"lambda:*",
"tag:GetResources",
"logs:*",
"kms:ListKeyPolicies",
"kms:GenerateRandom",
"kms:ListRetirableGrants",
"kms:GetKeyPolicy",
"kms:ListResourceTags",
"kms:ReEncryptFrom",
"kms:ListGrants",
"kms:GetParametersForImport",
"kms:ListKeys",
"kms:GetKeyRotationStatus",
"kms:ListAliases",
"kms:ReEncryptTo",
"kms:DescribeKey"
],
"Resource": "*"
}
]
}
</source>
<source lang="text">
Click Review Policy.
For Name, type edXProjectPolicy
Click Create policy.

You have successfully created an AWS IAM policy with full access to AWS IAM, Amazon EC2, Amazon S3,
Amazon RDS, Amazon SNS, Amazon SQS, Amazon Rekognition, AWS Lambda, Amazon Cognito, AWS Cloud9,
AWS X-Ray, and AWS CloudFormation. When you create IAM policies, follow the standard security
advice of granting least privilege - that is, granting only the permissions required to perform a task.
Determine what users need to do and then craft policies for them that let the users perform only those tasks.
</source>

Create an AWS IAM policy - Revision history

George2: Created page with " In the AWS Management Console, click Services, then click IAM to open the IAM dashboard In the left navigation menu, click Policies. Click Create policy...."