AWS ElastiCache - IAM policies
Using any AWS resource needs permissions from the AWS account holder to the user requesting such permission. Whether it is creation, access or deletion of the resource, all such actions are governed by such permissions. An account administrator can attach permissions policies to IAM identities which are - users, groups, and roles.
In Amazon ElastiCache, the primary resource is a cache cluster. These resources have unique Amazon Resource Names (ARNs) associated with them as shown below. ElastiCache provides a set of operations to work with ElastiCache resources.
The policies specific to ElastiCache can be searched for by going to IAM dashboard, selecting the policies section from the left tab. In the search box put the term ElastiCache and the result below shows all the policies related to this search term. In the below diagram we see 3 such policies which are owned by AWS.
Below is an example of a policy summary which lists the actions allowed and the ARN to which the policy is attached. The * option in action indicates that all actions are allowed. In case we want to restrict the actions in to few values, we can list them here in the policy.
ElastiCache Policy Actions
Each policy contains certain actions. Those actions give control to the user to whom the policy is granted. We can select one of the above policies and see the list of action related to that policy.