20519 IAM Actions
IAM Actions Explorer
Browse every AWS IAM action, resource type, and condition key. Understand exactly what permissions your policies need.
Alexa for Business
96a4b:*15 read61 write17 list3 tagging
Amazon AI Operations
33aiops:*10 read12 write5 list3 permissions3 tagging
Amazon API Gateway
3execute-api:*2 read1 write
Amazon API Gateway Management
13apigateway:*3 read7 write3 permissions
Amazon API Gateway Management V2
36apigateway:*9 read19 write5 list3 permissions
Amazon AppFlow
31appflow:*11 read13 write4 list3 tagging
Amazon AppIntegrations
35app-integrations:*5 read19 write8 list3 tagging
Amazon Application Recovery Controller - Zonal Shift
15arc-zonal-shift:*2 read10 write3 list
Amazon AppStream 2.0
89appstream:*21 read58 write4 list3 permissions3 tagging
Amazon ARC Region switch
24arc-region-switch:*4 read8 write6 list3 permissions3 tagging
Amazon Athena
81athena:*31 read32 write15 list3 tagging
Amazon Aurora DSQL
25dsql:*7 read11 write1 list3 permissions3 tagging
Amazon Bedrock
235bedrock:*52 read105 write34 list27 permissions17 tagging
Amazon Bedrock Agentcore
133bedrock-agentcore:*30 read57 write19 list18 permissions9 tagging
Amazon Bedrock Powered by AWS Mantle
23bedrock-mantle:*7 read9 write4 list3 tagging
Amazon Braket
20braket:*4 read8 write4 list1 permissions3 tagging
Amazon Chime
316chime:*86 read171 write50 list9 tagging
Amazon Cloud Directory
66clouddirectory:*11 read30 write18 list4 permissions3 tagging
Amazon CloudFront
173cloudfront:*38 read66 write38 list26 permissions5 tagging
Amazon CloudFront KeyValueStore
6cloudfront-keyvaluestore:*2 read3 write1 list
Amazon CloudSearch
32cloudsearch:*17 read10 write2 list3 tagging
Amazon CloudWatch
59cloudwatch:*22 read26 write8 list3 tagging
Amazon CloudWatch Application Insights
34applicationinsights:*10 read14 write7 list3 tagging
Amazon CloudWatch Application Signals
25application-signals:*4 read7 write11 list3 tagging
Amazon CloudWatch Evidently
38evidently:*8 read21 write6 list3 tagging
Amazon CloudWatch Internet Monitor
17internetmonitor:*6 read5 write3 list3 tagging
Amazon CloudWatch Logs
122logs:*40 read50 write10 list15 permissions7 tagging
Amazon CloudWatch Network Synthetic Monitor
12networkmonitor:*2 read6 write1 list3 tagging
Amazon CloudWatch Observability Access Manager
15oam:*2 read5 write3 list2 permissions3 tagging
Amazon CloudWatch Observability Admin Service
40observabilityadmin:*10 read20 write7 list3 tagging
Amazon CloudWatch Synthetics
22synthetics:*6 read10 write3 list3 tagging
Amazon CodeCatalyst
30codecatalyst:*5 read14 write4 list4 permissions3 tagging
Amazon CodeGuru
1codeguru:*1 read
Amazon CodeGuru Profiler
23codeguru-profiler:*8 read5 write3 list3 permissions4 tagging
Amazon CodeGuru Reviewer
17codeguru-reviewer:*4 read5 write5 list3 tagging
Amazon CodeGuru Security
15codeguru-security:*5 read4 write3 list3 tagging
Amazon CodeWhisperer
18codewhisperer:*3 read6 write3 list3 permissions3 tagging
Amazon Cognito Identity
26cognito-identity:*12 read4 write3 list2 permissions5 tagging
Amazon Cognito Sync
19cognito-sync:*10 read6 write3 list
Amazon Cognito User Pools
118cognito-idp:*60 read44 write11 list3 tagging
Amazon Comprehend
85comprehend:*25 read37 write17 list3 permissions3 tagging
Amazon Comprehend Medical
25comprehendmedical:*10 read10 write5 list
Amazon Connect
362connect:*62 read205 write86 list2 permissions7 tagging
Amazon Connect Cases
41cases:*8 read21 write9 list3 tagging
Amazon Connect Customer Profiles
102profile:*32 read42 write25 list3 tagging
Amazon Connect Health
42health-agent:*14 read16 write7 list5 tagging
Amazon Connect Outbound Campaigns
38connect-campaigns:*8 read25 write2 list3 tagging
Amazon Connect Voice ID
31voiceid:*9 read13 write6 list3 tagging
Amazon Data Lifecycle Manager
8dlm:*1 read4 permissions3 tagging
Amazon DataZone
226datazone:*54 read106 write43 list15 permissions8 tagging
Amazon Detective
36detective:*9 read15 write9 list3 tagging
Amazon DevOps Guru
31devops-guru:*13 read8 write10 list
Amazon DocumentDB Elastic Clusters
19docdb-elastic:*4 read9 write3 list3 tagging
Amazon DynamoDB
78dynamodb:*33 read32 write7 list3 permissions3 tagging
Amazon DynamoDB Accelerator (DAX)
30dax:*13 read14 write3 tagging
Amazon EC2
780ec2:*284 read445 write6 list42 permissions3 tagging
Amazon EC2 Auto Scaling
68autoscaling:*28 read33 write4 permissions3 tagging
Amazon EC2 Image Builder
77imagebuilder:*14 read27 write21 list12 permissions3 tagging
Amazon EC2 Instance Connect
3ec2-instance-connect:*1 read2 write
Amazon ECS MCP Service
2ecs-mcp:*1 read1 write
Amazon EKS Auth
1eks-auth:*1 permissions
Amazon EKS MCP Server
3eks-mcp:*2 read1 write
Amazon Elastic Block Store
6ebs:*1 read3 write2 list
Amazon Elastic Container Registry
60ecr:*19 read24 write2 list11 permissions4 tagging
Amazon Elastic Container Registry Public
23ecr-public:*7 read9 write3 permissions4 tagging
Amazon Elastic Container Service
67ecs:*17 read37 write10 list3 tagging
Amazon Elastic File System
38elasticfilesystem:*13 read14 write5 permissions6 tagging
Amazon Elastic Kubernetes Service
68eks:*17 read31 write15 list2 permissions3 tagging
Amazon Elastic MapReduce
83elasticmapreduce:*20 read38 write15 list8 permissions2 tagging
Amazon Elastic Transcoder
17elastictranscoder:*3 read9 write4 list1 permissions
Amazon Elastic VMware Service
14evs:*2 read6 write3 list3 tagging
Amazon ElastiCache
77elasticache:*31 read42 write1 list3 tagging
Amazon EMR on EKS (EMR Containers)
25emr-containers:*6 read11 write5 list3 tagging
Amazon EMR Serverless
19emr-serverless:*6 read7 write3 list3 tagging
Amazon EventBridge
60events:*15 read28 write12 list2 permissions3 tagging
Amazon EventBridge Pipes
10pipes:*1 read5 write1 list3 tagging
Amazon EventBridge Scheduler
12scheduler:*2 read5 write2 list3 tagging
Amazon EventBridge Schemas
31schemas:*6 read14 write5 list3 permissions3 tagging
Amazon FinSpace
59finspace:*15 read30 write11 list3 tagging
Amazon FinSpace API
1finspace-api:*1 read
Amazon Forecast
70forecast:*20 read33 write14 list3 tagging
Amazon Fraud Detector
74frauddetector:*24 read46 write1 list3 tagging
Amazon FreeRTOS
20freertos:*8 read5 write7 list
Amazon FSx
56fsx:*14 read36 write3 permissions3 tagging
Amazon GameLift Servers
118gamelift:*42 read58 write13 list2 permissions3 tagging
Amazon GameLift Streams
24gameliftstreams:*3 read14 write4 list3 tagging
Amazon GroundTruth Labeling
16groundtruthlabeling:*4 read9 write3 list
Amazon GuardDuty
88guardduty:*27 read44 write14 list3 tagging
Amazon Honeycode
30honeycode:*5 read15 write7 list3 tagging
Amazon Inspector
37inspector:*13 read12 write8 list2 permissions2 tagging
Amazon Inspector2
75inspector2:*19 read36 write16 list1 permissions3 tagging
Amazon Inspector2 Telemetry Channel
4inspector2-telemetry:*1 read3 write
Amazon InspectorScan
1inspector-scan:*1 read
Amazon Interactive Video Service
71ivs:*15 read27 write15 list4 permissions10 tagging
Amazon Interactive Video Service Chat
17ivschat:*3 read9 write2 list3 tagging
Amazon Kendra
66kendra:*17 read34 write12 list3 tagging
Amazon Kendra Intelligent Ranking
9kendra-ranking:*2 read3 write1 list3 tagging
Amazon Keyspaces (for Apache Cassandra)
21cassandra:*9 read7 write1 list4 tagging
Amazon Kinesis Analytics
17kinesisanalytics:*3 read10 write1 list3 tagging
Amazon Kinesis Analytics V2
33kinesisanalytics:*6 read20 write4 list3 tagging
Amazon Kinesis Data Streams
40kinesis:*13 read15 write3 list3 permissions6 tagging
Amazon Kinesis Firehose
12firehose:*1 read7 write1 list3 tagging
Amazon Kinesis Video Streams
46kinesisvideo:*21 read15 write4 list6 tagging
Amazon Lex
47lex:*24 read20 write3 tagging
Amazon Lex V2
119lex:*26 read53 write29 list6 permissions5 tagging
Amazon Lightsail
161lightsail:*71 read88 write2 tagging
Amazon Location
60geo:*19 read26 write12 list3 tagging
Amazon Location Service Maps
2geo-maps:*2 read
Amazon Location Service Places
7geo-places:*5 read2 list
Amazon Location Service Routes
5geo-routes:*5 read
Amazon Lookout for Equipment
49lookoutequipment:*8 read24 write11 list3 permissions3 tagging
Amazon Lookout for Metrics
30lookoutmetrics:*12 read9 write6 list3 tagging
Amazon Lookout for Vision
25lookoutvision:*6 read11 write5 list3 tagging
Amazon Machine Learning
28machinelearning:*9 read16 write3 tagging
Amazon Macie
81macie2:*28 read35 write15 list3 tagging
Amazon Managed Blockchain
34managedblockchain:*8 read16 write7 list3 tagging
Amazon Managed Blockchain Query
9managedblockchain-query:*4 read5 list
Amazon Managed Grafana
25grafana:*3 read13 write4 list2 permissions3 tagging
Amazon Managed Service for Prometheus
61aps:*18 read27 write10 list3 permissions3 tagging
Amazon Managed Streaming for Apache Kafka
59kafka:*12 read28 write13 list3 permissions3 tagging
Amazon Managed Streaming for Kafka Connect
18kafkaconnect:*4 read7 write4 list3 tagging
Amazon Managed Workflows for Apache Airflow
12airflow:*1 read7 write1 list3 tagging
Amazon Mechanical Turk
39mechanicalturk:*7 read22 write9 list1 permissions
Amazon MemoryDB
47memorydb:*19 read23 write2 list3 tagging
Amazon Message Delivery Service
6ec2messages:*4 read2 write
Amazon Message Gateway Service
4ssmmessages:*2 read2 write
Amazon Mobile Analytics
3mobileanalytics:*2 read1 write
Amazon Monitron
18monitron:*2 read7 write3 list3 permissions3 tagging
Amazon MQ
26mq:*7 read12 write4 list3 tagging
Amazon Neptune
33neptune-db:*14 read14 write5 list
Amazon Neptune Analytics
38neptune-graph:*11 read18 write6 list3 tagging
Amazon Nimble Studio
51nimble:*13 read25 write10 list3 tagging
Amazon Nova Act
16nova-act:*2 read9 write5 list
Amazon One Enterprise
28one:*5 read15 write5 list3 tagging
Amazon OpenSearch
10opensearch:*5 read4 write1 list
Amazon OpenSearch Ingestion
23osis:*5 read8 write4 list3 permissions3 tagging
Amazon OpenSearch Serverless
49aoss:*9 read17 write7 list13 permissions3 tagging
Amazon OpenSearch Service
114es:*47 read45 write16 list3 permissions3 tagging
Amazon Personalize
83personalize:*24 read38 write18 list3 tagging
Amazon Pinpoint
123mobiletargeting:*52 read65 write3 list3 tagging
Amazon Pinpoint Email Service
42ses:*11 read23 write5 list3 tagging
Amazon Pinpoint SMS and Voice Service
8sms-voice:*1 read6 write1 list
Amazon Polly
9polly:*4 read3 write2 list
Amazon Q
37q:*10 read18 write4 list2 permissions3 tagging
Amazon Q Business
93qbusiness:*18 read48 write20 list4 permissions3 tagging
Amazon Q Business Q Apps
39qapps:*7 read23 write4 list2 permissions3 tagging
Amazon Q Developer
7qdeveloper:*1 read2 write4 tagging
Amazon Q in Connect
93wisdom:*22 read48 write20 list3 tagging
Amazon QLDB
35qldb:*21 read6 write4 list1 permissions3 tagging
Amazon QuickSight
271quicksight:*63 read108 write47 list49 permissions4 tagging
Amazon RDS
169rds:*62 read100 write4 permissions3 tagging
Amazon RDS Data API
6rds-data:*5 read1 write
Amazon RDS IAM Authentication
1rds-db:*1 read
Amazon Redshift
166redshift:*65 read86 write5 list7 permissions3 tagging
Amazon Redshift Data API
11redshift-data:*4 read2 write4 list1 tagging
Amazon Redshift Serverless
68redshift-serverless:*17 read30 write15 list3 permissions3 tagging
Amazon Rekognition
76rekognition:*26 read33 write12 list2 permissions3 tagging
Amazon Resource Group Tagging API
9tag:*3 read1 write5 tagging
Amazon RHEL Knowledgebase Portal
1rhelkb:*1 read
Amazon Route 53
71route53:*20 read21 write13 list14 permissions3 tagging
Amazon Route 53 Domains
34route53domains:*14 read14 write3 list3 tagging
Amazon Route 53 Profiles
18route53profiles:*3 read7 write3 list2 permissions3 tagging
Amazon Route 53 Recovery Cluster
4route53-recovery-cluster:*1 read2 write1 list
Amazon Route 53 Recovery Controls
28route53-recovery-control-config:*5 read12 write5 list3 permissions3 tagging
Amazon Route 53 Recovery Readiness
32route53-recovery-readiness:*9 read14 write6 list3 tagging
Amazon Route 53 Resolver
68route53resolver:*12 read32 write15 list6 permissions3 tagging
Amazon S3
168s3:*50 read54 write11 list35 permissions18 tagging
Amazon S3 Express
24s3express:*4 read9 write2 list6 permissions3 tagging
Amazon S3 Glacier
33glacier:*8 read12 write5 list5 permissions3 tagging
Amazon S3 Object Lambda
26s3-object-lambda:*7 read9 write4 list6 tagging
Amazon S3 on Outposts
48s3-outposts:*10 read14 write9 list6 permissions9 tagging
Amazon S3 Tables
53s3tables:*19 read22 write3 list6 permissions3 tagging
Amazon S3 Vectors
19s3vectors:*4 read6 write3 list3 permissions3 tagging
Amazon SageMaker
412sagemaker:*89 read216 write89 list10 permissions8 tagging
Amazon SageMaker data science assistant
1sagemaker-data-science-assistant:*1 write
Amazon SageMaker geospatial capabilities
19sagemaker-geospatial:*4 read8 write4 list3 tagging
Amazon SageMaker Unified Studio MCP
3sagemaker-unified-studio-mcp:*2 read1 write
Amazon SageMaker with MLflow
61sagemaker-mlflow:*22 read19 write8 list12 tagging
Amazon Security Lake
31securitylake:*4 read20 write4 list3 tagging
Amazon SES
71ses:*20 read41 write8 list2 permissions
Amazon Simple Email Service - Mail Manager
61ses:*15 read27 write12 list4 permissions3 tagging
Amazon Simple Email Service v2
111ses:*28 read58 write18 list4 permissions3 tagging
Amazon Simple Workflow Service
51swf:*31 read12 write5 list3 tagging
Amazon SimpleDB
10sdb:*3 read6 write1 list
Amazon SNS
41sns:*12 read14 write8 list4 permissions3 tagging
Amazon SQS
20sqs:*5 read7 write3 list2 permissions3 tagging
Amazon Textract
25textract:*11 read9 write2 list3 tagging
Amazon Timestream
37timestream:*15 read14 write5 list3 tagging
Amazon Timestream InfluxDB
19timestream-influxdb:*3 read9 write4 list3 tagging
Amazon Transcribe
51transcribe:*10 read29 write9 list3 tagging
Amazon Translate
19translate:*5 read7 write4 list3 tagging
Amazon Verified Permissions
27verifiedpermissions:*4 read4 write2 list14 permissions3 tagging
Amazon VPC Lattice
75vpc-lattice:*12 read39 write15 list6 permissions3 tagging
Amazon VPC Lattice Services
2vpc-lattice-svcs:*1 read1 write
Amazon WorkDocs
61workdocs:*23 read30 write1 list7 permissions
Amazon WorkLink
34worklink:*8 read15 write6 list2 permissions3 tagging
Amazon WorkMail
126workmail:*28 read60 write19 list16 permissions3 tagging
Amazon WorkMail Message Flow
2workmailmessageflow:*1 read1 write
Amazon WorkSpaces
98workspaces:*28 read60 write2 list5 permissions3 tagging
Amazon WorkSpaces Application Manager
1wam:*1 read
Amazon WorkSpaces Secure Browser
75workspaces-web:*14 read46 write12 list3 tagging
Amazon WorkSpaces Thin Client
18thinclient:*4 read7 write4 list3 tagging
AmazonMediaImport
1mediaimport:*1 write
Apache Kafka APIs for Amazon MSK clusters
19kafka-cluster:*16 read3 write
Application Discovery Arsenal
1arsenal:*1 write
AWS Account Management
16account:*6 read9 write1 list
AWS Action Recommendations
1action-recommendations:*1 list
AWS Activate
8activate:*6 read2 write
AWS Amplify
41amplify:*9 read21 write8 list3 tagging
AWS Amplify Admin
31amplifybackend:*8 read21 write2 list
AWS Amplify UI Builder
29amplifyuibuilder:*7 read15 write4 list3 tagging
AWS App Mesh
42appmesh:*8 read21 write7 list3 permissions3 tagging
AWS App Mesh Preview
39appmesh-preview:*8 read21 write7 list3 permissions
AWS App Runner
42apprunner:*10 read20 write9 list3 tagging
AWS App Studio
5appstudio:*2 read3 write
AWS App2Container
4a2c:*2 read2 write
AWS AppConfig
47appconfig:*12 read24 write8 list3 tagging
AWS AppFabric
26appfabric:*6 read13 write4 list3 tagging
AWS Application Auto Scaling
14application-autoscaling:*5 read4 write2 permissions3 tagging
AWS Application Discovery Service
29discovery:*9 read15 write2 list3 tagging
AWS Application Migration Service
134mgn:*33 read67 write24 list1 permissions9 tagging
AWS Application Transformation Service
14application-transformation:*6 read8 write
AWS AppSync
87appsync:*24 read44 write13 list3 permissions3 tagging
AWS Artifact
15artifact:*6 read3 write3 list3 tagging
AWS Audit Manager
62auditmanager:*19 read29 write11 list3 tagging
AWS Auto Scaling
6autoscaling-plans:*3 read3 write
AWS B2B Data Interchange
30b2bi:*9 read14 write4 list3 tagging
AWS Backup
118backup:*27 read52 write30 list6 permissions3 tagging
AWS Backup Gateway
27backup-gateway:*7 read14 write3 list3 tagging
AWS Backup Search
12backup-search:*2 read3 write4 list3 tagging
AWS Backup storage
15backup-storage:*8 read5 write2 list
AWS Batch
39batch:*11 read17 write5 list3 permissions3 tagging
AWS Billing
28billing:*12 read8 write2 list3 permissions3 tagging
AWS Billing and Cost Management Dashboards
9bcm-dashboards:*1 read3 write1 list1 permissions3 tagging
AWS Billing And Cost Management Data Exports
12bcm-data-exports:*3 read3 write3 list3 tagging
AWS Billing And Cost Management Pricing Calculator
36bcm-pricing-calculator:*4 read19 write10 list3 tagging
AWS Billing And Cost Management Recommended Actions
1bcm-recommended-actions:*1 list
AWS Billing Conductor
32billingconductor:*1 read18 write10 list3 tagging
AWS Billing Console
9aws-portal:*5 read4 write
AWS Budget Service
13budgets:*6 read4 write3 tagging
AWS BugBust
17bugbust:*4 read4 write6 list3 tagging
AWS Certificate Manager
16acm:*6 read6 write1 list3 tagging
AWS Chatbot
39chatbot:*12 read19 write5 list3 tagging
AWS Clean Rooms
92cleanrooms:*27 read42 write20 list3 tagging
AWS Clean Rooms ML
59cleanrooms-ml:*13 read24 write16 list3 permissions3 tagging
AWS Cloud Control API
8cloudformation:*2 read4 write2 list
AWS Cloud Map
33servicediscovery:*8 read15 write4 list3 permissions3 tagging
AWS Cloud9
29cloud9:*12 read13 write1 list3 tagging
AWS CloudFormation
94cloudformation:*40 read28 write22 list2 permissions2 tagging
AWS CloudHSM
18cloudhsm:*3 read9 write3 permissions3 tagging
AWS CloudShell
11cloudshell:*4 read7 write
AWS CloudTrail
66cloudtrail:*16 read32 write12 list3 permissions3 tagging
AWS CloudTrail Data
1cloudtrail-data:*1 write
AWS CloudWatch RUM
20rum:*3 read9 write2 list3 permissions3 tagging
AWS CodeArtifact
51codeartifact:*12 read19 write11 list6 permissions3 tagging
AWS CodeBuild
67codebuild:*15 read31 write18 list3 permissions
AWS CodeCommit
90codecommit:*45 read35 write7 list3 tagging
AWS CodeConnections
38codeconnections:*13 read16 write6 list3 tagging
AWS CodeDeploy
48codedeploy:*17 read17 write9 list5 tagging
AWS CodeDeploy secure host commands service
4codedeploy-commands-secure:*2 read2 write
AWS CodePipeline
44codepipeline:*10 read18 write8 list8 tagging
AWS CodeStar
22codestar:*3 read11 write4 list1 permissions3 tagging
AWS CodeStar Connections
38codestar-connections:*13 read16 write6 list3 tagging
AWS CodeStar Notifications
13codestar-notifications:*3 read4 write3 list3 tagging
AWS Compute Optimizer
28compute-optimizer:*17 read11 write
AWS Compute Optimizer Automation
23aco-automation:*4 read7 write9 list3 tagging
AWS Config
97config:*40 read38 write5 list2 permissions12 tagging
AWS Connector Service
3awsconnector:*2 read1 write
AWS Console Mobile App
2consoleapp:*1 read1 list
AWS Consolidated Billing
2consolidatedbilling:*1 list1 permissions
AWS Control Catalog
6controlcatalog:*1 read5 list
AWS Control Tower
65controltower:*24 read19 write19 list3 tagging
AWS Cost and Usage Report
12cur:*5 read4 write3 tagging
AWS Cost Explorer Service
59ce:*28 read19 write4 list8 tagging
AWS Cost Optimization Hub
8cost-optimization-hub:*2 read2 write4 list
AWS Customer Verification Service
5customer-verification:*2 read3 write
AWS Data Exchange
40dataexchange:*5 read19 write5 list11 tagging
AWS Data Pipeline
21datapipeline:*12 read6 write1 list2 tagging
AWS Database Migration Service
124dms:*47 read66 write8 list3 tagging
AWS DataSync
66datasync:*19 read38 write5 list4 tagging
AWS Deadline Cloud
115deadline:*22 read53 write32 list5 permissions3 tagging
AWS Device Farm
77devicefarm:*22 read29 write23 list3 tagging
AWS DevOps Agent Service
50aidevops:*13 read23 write12 list2 tagging
AWS Diagnostic tools
9ts:*3 read1 write2 list3 tagging
AWS Direct Connect
63directconnect:*22 read37 write1 list3 tagging
AWS Directory Service
91ds:*27 read50 write6 list5 permissions3 tagging
AWS Directory Service Data
17ds-data:*2 read9 write6 list
AWS Elastic Beanstalk
50elasticbeanstalk:*22 read19 write3 list2 permissions4 tagging
AWS Elastic Disaster Recovery
90drs:*30 read48 write2 list10 tagging
AWS Elastic Load Balancing
28elasticloadbalancing:*6 read14 write5 permissions3 tagging
AWS Elastic Load Balancing V2
57elasticloadbalancing:*20 read33 write1 permissions3 tagging
AWS Elemental Appliances and Software
14elemental-appliances-software:*8 read5 write1 list
AWS Elemental Appliances and Software Activation Service
13elemental-activations:*10 read3 write
AWS Elemental Inference
12elemental-inference:*2 read6 write1 list3 tagging
AWS Elemental MediaConnect
80mediaconnect:*20 read46 write10 list1 permissions3 tagging
AWS Elemental MediaConvert
32mediaconvert:*6 read14 write6 list3 permissions3 tagging
AWS Elemental MediaLive
125medialive:*28 read71 write23 list3 tagging
AWS Elemental MediaPackage
19mediapackage:*4 read9 write3 list3 tagging
AWS Elemental MediaPackage V2
34mediapackagev2:*7 read14 write4 list6 permissions3 tagging
AWS Elemental MediaPackage VOD
17mediapackage-vod:*4 read7 write3 list3 tagging
AWS Elemental MediaStore
26mediastore:*3 read6 write2 list12 permissions3 tagging
AWS Elemental MediaTailor
44mediatailor:*10 read21 write7 list3 permissions3 tagging
AWS Elemental Support Cases
17elemental-support-cases:*3 read9 write2 permissions3 tagging
AWS Elemental Support Content
1elemental-support-content:*1 read
AWS End User Messaging SMS and Voice V2
90sms-voice:*25 read56 write3 list3 permissions3 tagging
AWS End User Messaging Social
21social-messaging:*5 read10 write3 list3 tagging
AWS Entity Resolution
40entityresolution:*11 read15 write7 list4 permissions3 tagging
AWS Fault Injection Service
29fis:*10 read9 write7 list3 tagging
AWS Firewall Manager
42fms:*10 read15 write11 list3 permissions3 tagging
AWS Free Tier
7freetier:*5 read1 write1 list
AWS Global Accelerator
56globalaccelerator:*14 read27 write12 list3 tagging
AWS Glue
301glue:*117 read145 write26 list3 permissions10 tagging
AWS Glue DataBrew
44databrew:*7 read26 write8 list3 tagging
AWS Ground Station
35groundstation:*8 read15 write7 list5 tagging
AWS Health APIs and Notifications
14health:*11 read2 write1 tagging
AWS HealthImaging
28medical-imaging:*12 read6 write7 list3 tagging
AWS HealthLake
47healthlake:*25 read11 write8 list3 tagging
AWS HealthOmics
96omics:*23 read45 write22 list3 permissions3 tagging
AWS IAM Access Analyzer
35access-analyzer:*11 read9 write6 list6 permissions3 tagging
AWS IAM Identity Center
126sso:*23 read51 write21 list28 permissions3 tagging
AWS IAM Identity Center directory
57sso-directory:*14 read31 write12 list
AWS IAM Identity Center OIDC service
3sso-oauth:*1 read2 write
AWS Identity and Access Management (IAM)
187iam:*32 read56 write23 list52 permissions24 tagging
AWS Identity and Access Management Roles Anywhere
30rolesanywhere:*4 read19 write4 list3 tagging
AWS Identity Store
27identitystore:*9 read13 write5 list
AWS Identity Store Auth
3identitystore-auth:*1 read1 write1 list
AWS Identity Sync
13identity-sync:*3 read9 write1 list
AWS Import Export Disk Service
6importexport:*2 read3 write1 list
AWS Invoicing Service
22invoicing:*6 read9 write4 list3 tagging
AWS IoT
290iot:*70 read134 write64 list19 permissions3 tagging
AWS IoT Analytics
34iotanalytics:*7 read19 write5 list3 tagging
AWS IoT Core Device Advisor
14iotdeviceadvisor:*4 read5 write2 list3 tagging
AWS IoT Device Tester
5iot-device-tester:*4 read1 write
AWS IoT Events
39iotevents:*8 read20 write8 list3 tagging
AWS IoT Fleet Hub for Device Management
8iotfleethub:*1 read3 write1 list3 tagging
AWS IoT FleetWise
56iotfleetwise:*12 read28 write13 list3 tagging
AWS IoT Greengrass
93greengrass:*23 read41 write20 list6 permissions3 tagging
AWS IoT Greengrass V2
29greengrass:*7 read9 write7 list3 permissions3 tagging
AWS IoT Jobs DataPlane
4iotjobsdata:*2 read2 write
AWS IoT Managed Integrations
83iotmanagedintegrations:*22 read41 write17 list3 tagging
AWS IoT SiteWise
106iotsitewise:*30 read46 write23 list4 permissions3 tagging
AWS IoT TwinMaker
40iottwinmaker:*10 read18 write9 list3 tagging
AWS IoT Wireless
113iotwireless:*29 read65 write16 list3 tagging
AWS IQ
63iq:*28 read27 write8 list
AWS IQ Permissions
9iq-permission:*9 permissions
AWS Key Management Service
55kms:*24 read17 write4 list7 permissions3 tagging
AWS Lake Formation
61lakeformation:*16 read19 write5 list6 permissions15 tagging
AWS Lambda
88lambda:*21 read44 write14 list6 permissions3 tagging
AWS Launch Wizard
40launchwizard:*15 read11 write11 list3 tagging
AWS License Manager
62license-manager:*13 read20 write17 list9 permissions3 tagging
AWS License Manager Linux Subscriptions Manager
11license-manager-linux-subscriptions:*2 read3 write3 list3 tagging
AWS License Manager User Subscriptions
17license-manager-user-subscriptions:*9 write5 list3 tagging
AWS Mainframe Modernization Application Testing
24apptest:*4 read11 write6 list3 tagging
AWS Mainframe Modernization Service
37m2:*9 read14 write11 list3 tagging
AWS Marketplace
27aws-marketplace:*4 read7 write2 list14 tagging
AWS Marketplace Catalog
14aws-marketplace:*3 read2 write3 list3 permissions3 tagging
AWS Marketplace Commerce Analytics Service
2marketplacecommerceanalytics:*1 read1 write
AWS Marketplace Deployment Service
4aws-marketplace:*1 write3 tagging
AWS Marketplace Discovery
1aws-marketplace:*1 list
AWS Marketplace Entitlement Service
1aws-marketplace:*1 read
AWS Marketplace Image Building Service
3aws-marketplace:*1 read1 write1 list
AWS Marketplace Management Portal
13aws-marketplace-management:*9 read4 write
AWS Marketplace Metering Service
4aws-marketplace:*2 read2 write
AWS Marketplace Private Marketplace
5aws-marketplace:*1 read3 write1 list
AWS Marketplace Procurement Systems Integration
2aws-marketplace:*1 read1 write
AWS Marketplace Reporting
1aws-marketplace:*1 read
AWS Marketplace Seller Reporting
1aws-marketplace:*1 read
AWS Marketplace Vendor Insights
24vendor-insights:*7 read9 write5 list3 tagging
AWS MCP Server
3aws-mcp:*2 read1 write
AWS Microservice Extractor for .NET
1serviceextract:*1 read
AWS Migration Acceleration Program Credits
3mapcredits:*3 list
AWS Migration Hub
46mgh:*9 read19 write10 list5 permissions3 tagging
AWS Migration Hub Orchestrator
34migrationhub-orchestrator:*8 read16 write7 list3 tagging
AWS Migration Hub Refactor Spaces
24refactor-spaces:*4 read9 write5 list3 permissions3 tagging
AWS Migration Hub Strategy Recommendations
31migrationhub-strategy:*12 read12 write7 list
AWS MWAA Serverless
15airflow-serverless:*3 read5 write4 list3 tagging
AWS Network Firewall
79network-firewall:*14 read42 write11 list9 permissions3 tagging
AWS Network Manager
95networkmanager:*27 read47 write7 list11 permissions3 tagging
AWS Network Manager Chat
7networkmanager-chat:*1 read4 write2 list
AWS OpsWorks
74opsworks:*22 read46 write3 permissions3 tagging
AWS OpsWorks Configuration Management
19opsworks-cm:*5 read11 write3 tagging
AWS Organizations
63organizations:*11 read18 write16 list15 permissions3 tagging
AWS Outposts
36outposts:*11 read14 write8 list3 tagging
AWS Panorama
36panorama:*13 read11 write9 list3 tagging
AWS Parallel Computing Service
20pcs:*4 read10 write3 list3 tagging
AWS Partner Central
110partnercentral:*29 read54 write24 list3 tagging
AWS Partner central account management
5partnercentral-account-management:*2 read3 write
AWS Payment Cryptography
40payment-cryptography:*21 read14 write2 list3 tagging
AWS Payments
24payments:*7 read7 write7 list3 tagging
AWS Performance Insights
13pi:*5 read2 write3 list3 tagging
AWS Price List
5pricing:*4 read1 list
AWS PricingPlanManager Service
8pricingplanmanager:*1 read6 write1 list
AWS Private CA Connector for Active Directory
25pca-connector-ad:*4 read9 write4 list5 permissions3 tagging
AWS Private CA Connector for SCEP
12pca-connector-scep:*3 read4 write2 list3 tagging
AWS Private Certificate Authority
23acm-pca:*6 read7 write1 list6 permissions3 tagging
AWS PrivateLink
1vpce:*1 read
AWS Proton
111proton:*25 read56 write24 list3 permissions3 tagging
AWS Purchase Orders Console
14purchase-orders:*3 read6 write2 list3 tagging
AWS Recycle Bin
10rbin:*3 read3 write1 list3 tagging
AWS rePost Private
19repostspace:*2 read8 write2 list4 permissions3 tagging
AWS Resilience Hub
63resiliencehub:*11 read25 write20 list4 permissions3 tagging
AWS Resource Access Manager (RAM)
34ram:*4 read8 write4 list16 permissions2 tagging
AWS Resource Explorer
37resource-explorer-2:*9 read13 write9 list3 permissions3 tagging
AWS Resource Groups
29resource-groups:*6 read8 write5 list3 permissions7 tagging
AWS RoboMaker
59robomaker:*14 read30 write12 list3 tagging
AWS Route53 Global Resolver
48route53globalresolver:*9 read27 write9 list3 tagging
AWS RTB Fabric
27rtbfabric:*5 read16 write3 list3 tagging
AWS Savings Plans
10savingsplans:*5 read2 write3 tagging
AWS Secrets Manager
23secretsmanager:*5 read9 write2 list4 permissions3 tagging
AWS Security Agent
85securityagent:*25 read37 write18 list5 tagging
AWS Security Hub
114securityhub:*37 read50 write11 list11 permissions5 tagging
AWS Security Incident Response
24security-ir:*5 read11 write5 list3 tagging
AWS Security Token Service
16sts:*9 read2 write3 permissions2 tagging
AWS Server Migration Service
37sms:*14 read22 write1 list
AWS Serverless Application Repository
15serverlessrepo:*3 read6 write4 list2 permissions
AWS Service - Oracle Database@AWS
51odb:*10 read21 write11 list6 permissions3 tagging
AWS Service Catalog
117servicecatalog:*29 read50 write24 list3 permissions11 tagging
AWS Service for managing AWS Console user experience capabilities.
3uxc:*1 read2 write
AWS service providing managed private networks
26private-networks:*11 read7 write5 list3 tagging
AWS Shield
39shield:*10 read19 write5 list2 permissions3 tagging
AWS Shield network security director
8network-security-director:*2 read1 write5 list
AWS Signer
19signer:*5 read5 write3 list3 permissions3 tagging
AWS Signin
4signin:*1 read2 write1 list
AWS SimSpace Weaver
16simspaceweaver:*2 read9 write2 list3 tagging
AWS Snow Device Management
13snow-device-management:*4 read2 write4 list3 tagging
AWS Snowball
27snowball:*9 read11 write7 list
AWS SQL Workbench
79sqlworkbench:*23 read42 write10 list4 tagging
AWS Step Functions
39states:*12 read18 write6 list3 tagging
AWS Storage Gateway
97storagegateway:*30 read51 write11 list2 permissions3 tagging
AWS Supply Chain
36scn:*8 read16 write7 list2 permissions3 tagging
AWS Support
34support:*21 read10 write3 list
AWS Support App in Slack
13supportapp:*4 read7 write2 list
AWS Support Console
13support-console:*10 read3 write
AWS Support Plans
5supportplans:*2 read2 write1 list
AWS Sustainability
1sustainability:*1 read
AWS Systems Manager
156ssm:*66 read64 write18 list5 permissions3 tagging
AWS Systems Manager for SAP
30ssm-sap:*6 read9 write9 list3 permissions3 tagging
AWS Systems Manager GUI Connect
7ssm-guiconnect:*2 read4 write1 list
AWS Systems Manager Incident Manager
31ssm-incidents:*6 read14 write6 list2 permissions3 tagging
AWS Systems Manager Incident Manager Contacts
40ssm-contacts:*8 read16 write11 list2 permissions3 tagging
AWS Systems Manager Quick Setup
14ssm-quicksetup:*3 read5 write3 list3 tagging
AWS Tax Settings
23tax:*8 read11 write4 list
AWS Telco Network Builder
33tnb:*12 read13 write5 list3 tagging
AWS Tiros
5tiros:*4 read1 write
AWS Transfer Family
71transfer:*14 read40 write12 list1 permissions4 tagging
AWS Transform
20transform:*2 read9 write2 list7 tagging
AWS Transform custom
22transform-custom:*5 read10 write4 list3 tagging
AWS Trusted Advisor
52trustedadvisor:*26 read14 write12 list
AWS User Notifications
41notifications:*8 read19 write11 list3 tagging
AWS User Notifications Contacts
9notifications-contacts:*2 read3 write1 list3 tagging
AWS User Subscriptions
7user-subscriptions:*4 write3 list
AWS Verified Access
1verified-access:*1 read
AWS WAF
77waf:*17 read39 write15 list3 permissions3 tagging
AWS WAF Regional
81waf-regional:*18 read41 write16 list3 permissions3 tagging
AWS WAF V2
57wafv2:*17 read23 write11 list3 permissions3 tagging
AWS Well-Architected Tool
73wellarchitected:*18 read34 write18 list3 tagging
AWS Wickr
46wickr:*10 read25 write8 list3 tagging
AWS WorkSpaces Managed Instances
13workspaces-instances:*1 read6 write3 list3 tagging
AWS X-Ray
43xray:*21 read15 write2 list2 permissions3 tagging
Database Query Metadata Service
13dbqms:*4 read9 write
Multi-party approval
25mpa:*3 read9 write5 list5 permissions3 tagging
Network Flow Monitor
26networkflowmonitor:*8 read13 write2 list3 tagging
Service Quotas
26servicequotas:*8 read9 write6 list3 tagging
Tag Editor
3resource-explorer:*2 list1 tagging