AWS ElastiCache - IAM policies


Advertisements


Using any AWS resource needs permissions from the AWS account holder to the user requesting such permission. Whether it is creation, access or deletion of the resource, all such actions are governed by such permissions. An account administrator can attach permissions policies to IAM identities which are - users, groups, and roles.

Resource Format

In Amazon ElastiCache, the primary resource is a cache cluster. These resources have unique Amazon Resource Names (ARNs) associated with them as shown below. ElastiCache provides a set of operations to work with ElastiCache resources.

ElastiCache Policies

The policies specific to ElastiCache can be searched for by going to IAM dashboard, selecting the policies section from the left tab. In the search box put the term ElastiCache and the result below shows all the policies related to this search term. In the below diagram we see 3 such policies which are owned by AWS.

policy_1.jpg

Policy Summary

Below is an example of a policy summary which lists the actions allowed and the ARN to which the policy is attached. The * option in action indicates that all actions are allowed. In case we want to restrict the actions in to few values, we can list them here in the policy.

policy_3.jpg

ElastiCache Policy Actions

Each policy contains certain actions. Those actions give control to the user to whom the policy is granted. We can select one of the above policies and see the list of action related to that policy.

policy_2.jpg

Advertisements