Policy: AmazonWorkMailFullAccess

ARN: arn:aws:iam::aws:policy/AmazonWorkMailFullAccess

Allowed Actions

Actions	Services
cloudwatch:GetMetricData	cloudwatch
ds:AuthorizeApplication	ds
ds:CheckAlias	ds
ds:CreateAlias	ds
ds:CreateDirectory	ds
ds:CreateIdentityPoolDirectory	ds
ds:DeleteDirectory	ds
ds:DescribeDirectories	ds
ds:GetDirectoryLimits	ds
ds:ListAuthorizedApplications	ds
ds:UnauthorizeApplication	ds
ec2:AuthorizeSecurityGroupEgress	ec2
ec2:AuthorizeSecurityGroupIngress	ec2
ec2:CreateNetworkInterface	ec2
ec2:CreateSecurityGroup	ec2
ec2:CreateSubnet	ec2
ec2:CreateTags	ec2
ec2:CreateVpc	ec2
ec2:DeleteSecurityGroup	ec2
ec2:DeleteSubnet	ec2
ec2:DeleteVpc	ec2
ec2:DescribeAvailabilityZones	ec2
ec2:DescribeRouteTables	ec2
ec2:DescribeSubnets	ec2
ec2:DescribeVpcs	ec2
ec2:RevokeSecurityGroupEgress	ec2
ec2:RevokeSecurityGroupIngress	ec2
iam:CreateServiceLinkedRole	iam
iam:DeleteServiceLinkedRole	iam
iam:GetServiceLinkedRoleDeletionStatus	iam
iam:ListRoles	iam
iam:PassRole	iam
kms:DescribeKey	kms
kms:ListAliases	kms
lambda:ListFunctions	lambda
logs:CreateLogGroup	logs
logs:DescribeLogGroups	logs
logs:PutRetentionPolicy	logs
route53:ChangeResourceRecordSets	route53
route53:GetHostedZone	route53
route53:ListHostedZones	route53
route53:ListResourceRecordSets	route53
route53domains:CheckDomainAvailability	route53domains
route53domains:ListDomains	route53domains
ses:*	ses
workmail:*	workmail