Policy: AWSOpsWorksCMServiceRole

ARN: arn:aws:iam::aws:policy/service-role/AWSOpsWorksCMServiceRole

Allowed Actions

Actions	Services
acm:DeleteCertificate	acm
acm:ImportCertificate	acm
cloudformation:CreateStack	cloudformation
cloudformation:DeleteStack	cloudformation
cloudformation:DescribeStackEvents	cloudformation
cloudformation:DescribeStackResources	cloudformation
cloudformation:DescribeStacks	cloudformation
cloudformation:UpdateStack	cloudformation
ec2:AllocateAddress	ec2
ec2:AssociateAddress	ec2
ec2:AuthorizeSecurityGroupIngress	ec2
ec2:CreateImage	ec2
ec2:CreateSecurityGroup	ec2
ec2:CreateSnapshot	ec2
ec2:CreateTags	ec2
ec2:DeleteSecurityGroup	ec2
ec2:DeleteSnapshot	ec2
ec2:DeleteTags	ec2
ec2:DeregisterImage	ec2
ec2:DescribeAccountAttributes	ec2
ec2:DescribeAddresses	ec2
ec2:DescribeImages	ec2
ec2:DescribeInstanceStatus	ec2
ec2:DescribeInstances	ec2
ec2:DescribeSecurityGroups	ec2
ec2:DescribeSnapshots	ec2
ec2:DescribeSubnets	ec2
ec2:DisassociateAddress	ec2
ec2:RebootInstances	ec2
ec2:ReleaseAddress	ec2
ec2:RunInstances	ec2
ec2:StopInstances	ec2
ec2:TerminateInstances	ec2
iam:PassRole	iam
opsworks-cm:DeleteServer	opsworks-cm
opsworks-cm:StartMaintenance	opsworks-cm
s3:CreateBucket	s3
s3:DeleteBucket	s3
s3:DeleteObject	s3
s3:GetBucketTagging	s3
s3:GetObject	s3
s3:ListBucket	s3
s3:PutBucketPolicy	s3
s3:PutBucketTagging	s3
s3:PutObject	s3
secretsmanager:CreateSecret	secretsmanager
secretsmanager:DeleteSecret	secretsmanager
secretsmanager:GetSecretValue	secretsmanager
secretsmanager:TagResource	secretsmanager
secretsmanager:UntagResource	secretsmanager
secretsmanager:UpdateSecret	secretsmanager
ssm:DescribeInstanceInformation	ssm
ssm:GetCommandInvocation	ssm
ssm:ListCommandInvocations	ssm
ssm:ListCommands	ssm
ssm:SendCommand	ssm
ssm:SendCommand	ssm
tag:TagResources	tag
tag:UntagResources	tag