EIM Policy Generator

This interactive page enables you to generate an EIM policy in JSON format.

  • Be careful of potential privilege escalation when defining policies. If you allow an EIM user to manage policies or policy versions, they could create a policy bypassing their current permissions and attach it to themselves.

  • Selecting an action in one API does not affect the corresponding action in another API. For example, if you want to create a policy denying VMs deletion, then the policy needs to contain both api:DeleteVms and fcu:TerminateInstances. For more information on the equivalences across our different APIs, see AWS Compatibility Matrix.

  • EIM is currently not compatible with the OOS service. This means EIM users cannot interact with OOS, regardless of their policies. Only credentials from the root user can.

  • EIM is currently not compatible with OUTSCALE Kubernetes as a Service (OKS). This means EIM users cannot interact with OKS, regardless of their policies. Only credentials from the root user can.

  • EIM currently does not support resource-based policies. This means policies always apply to all available resources.

Related Pages

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.

Export to PDF