AWS access policies and permissions

AWS account holders manage access to their resources by creating policies and embedding them to IAM entities. Permissions in the policies determine what actions the entity can or cannot perform. CloudSpend requires the following permissions for a successful integration.

ServiceAccess levelAction
Cost and Usage Report Full: Read

Read

DescribeReportDefinitions

IAM Limited: Read

Read

GetUser

GetUserPolicy

Organizations Full: List and Read 

List

ListAccounts

ListAccountsForParent

ListAWSServiceAccessForOrganization

ListChildren

ListCreateAccountStatus

ListHandshakesForAccount

ListHandshakesForOrganization

ListOrganizationalUnitsForParent

ListParents

ListPolicies

ListPoliciesForTarget

ListRoots

ListTargetsForPolicy


Read

DescribeAccount

DescribeCreateAccountStatus

DescribeHandshake

DescribeOrganization

DescribeOrganizationalUnit

DescribePolicy

Amazon S3 Full: list, Limited: Read

List

ListAllMyBuckets

ListBucket

Read

GetAccelerateConfiguration

GetAnalyticsConfiguration

GetBucketAcl

GetBucketCORS

GetBucketLocation

GetBucketLogging

GetBucketNotification

GetBucketPolicy

GetBucketRequestPayment

GetBucketTagging

GetBucketVersioning

GetBucketWebsite

GetEncryptionConfiguration

GetInventoryConfiguration

GetMetricsConfiguration

GetObject

GetObjectAcl

GetObjectTagging

GetObjectVersionAcl

GetObjectVersionForReplication

GetObjectVersionTagging

GetObjectVersionTorrent

GetReplicationConfiguration

ListBucketMultipartUploads

ListBucketVersions

ListMultipartUploadParts

©2024, Zoho Corporation Pvt. Ltd. All Rights Reserved.

Top
Back to Top