Skip to content

Policy: AmazonMSKFullAccess

ARN: arn:aws:iam::aws:policy/AmazonMSKFullAccess

Allowed Actions

Actions Services
S3:GetBucketPolicy S3
ec2:CreateTags ec2
ec2:CreateVpcEndpoint ec2
ec2:CreateVpcEndpoint ec2
ec2:DeleteVpcEndpoints ec2
ec2:DescribeRouteTables ec2
ec2:DescribeSecurityGroups ec2
ec2:DescribeSubnets ec2
ec2:DescribeVpcAttribute ec2
ec2:DescribeVpcEndpoints ec2
ec2:DescribeVpcs ec2
firehose:TagDeliveryStream firehose
iam:CreateServiceLinkedRole iam
iam:CreateServiceLinkedRole iam
iam:PassRole iam
kafka:* kafka
kms:CreateGrant kms
kms:DescribeKey kms
logs:CreateLogDelivery logs
logs:DeleteLogDelivery logs
logs:DescribeLogGroups logs
logs:DescribeResourcePolicies logs
logs:GetLogDelivery logs
logs:ListLogDeliveries logs
logs:PutResourcePolicy logs
logs:UpdateLogDelivery logs