On this page

    Set up AWS IAM Permissions

    Set up permissions for an IAM role or user by creating a permissions policy and attaching it to the IAM role/user. This topic describes how to set up permissions for an IAM role or user:

    Create a New IAM Policy

    Performing the following steps to create a new IAM policy:

    1. In the AWS Management Console, open the IAM console.

    2. In the navigation pane, click Policies, and then click Create policy.

    3. On the Create policy page, click the JSON tab and paste the IAM permissions policy into the editor.

    4. Click Next: Tags.

    5. (Optional) In the Add tags page, you can add tags as key-value pairs to AWS resources for helping identify, organize, or search for AWS resources. Click Add tag. Enter a key and a corresponding value. You can add up to 50 tags.

    6. Click Next: Review.

    7. In the Review policy page, for Name, enter a name.

    8. (Optional) For Description, enter the description for the policy that is being created.

    9. The Summary section shows the properties of the policy that is being created. This section shows whether or not the actions defined by the policy that is being created have an applicable resource or condition. Ensure that to grant access, policies must have an action that has an applicable resource or condition.

    10. Click Create policy.

    Attach the Policy to an IAM Role or User

    Perform the following steps to attach the policy created in the previous step to an IAM role/user:

    1. In the AWS Management Console, open the IAM console.

    2. In the navigation pane, click Policies.

    3. In the list of policies, check the box next to the name of the policy created in the previous steps. Use the Filter menu and the search box to find the policy if necessary.

    4. From the Actions dropdown, select Attach.

    5. Select one or more roles/users to attach the policy to by checking the boxes. You can use the Filter menu and the search box to find the role/user if required.

    6. Click Attach policy.