Back
I've searched quite a bit but cannot find a policy to allow a user to create IAM Roles from both the management console (AWS website) and from AWS CLI.
Any help is greatly appreciated
You can check out this link to get the list of the IAM permissions
http://docs.aws.amazon.com/IAM/latest/UserGuide/list_iam.html
From the available and acceptable IAM permissions, you can add as much as you can
{ "Version": "2012-10-17", "Statement": [ { "Action": [ "iam:CreateInstanceProfile", "iam:RemoveRoleFromInstanceProfile", "iam:AddRoleToInstanceProfile", "iam:PassRole", "iam:DeleteInstanceProfile" ], "Effect": "Allow", "Resource": "*" } ]}
{
"Version": "2012-10-17",
"Statement": [
"Action": [
"iam:CreateInstanceProfile",
"iam:RemoveRoleFromInstanceProfile",
"iam:AddRoleToInstanceProfile",
"iam:PassRole",
"iam:DeleteInstanceProfile"
],
"Effect": "Allow",
"Resource": "*"
}
]
Learn how we helped 50,000+ professionals like you !
31k questions
32.8k answers
501 comments
693 users