AWS - Give readonly permissions for all services

Question

Is there a way in AWS to give readonly permissions to all services via a central policy? Currently, am forced to do this per service, like for IAM below -

{
    "Version": "2012-10-17",
    "Statement": {
        "Effect": "Allow",
        "Action": [
            "iam:Get*",
            "iam:List*",
            "iam:Generate*"
        ],
        "Resource": "*"
    }
}

Having to do this for each and every resource is error prone and tedious. How can we define a policy to give read-only for all services.

Thanks

jarmod · Accepted Answer · 2022-02-11T02:31:35.240

21

You can use the AWS managed policy named ReadOnlyAccess:

the ReadOnlyAccess AWS managed policy provides read-only access to all AWS services and resources. When a service launches a new feature, AWS adds read-only permissions for new operations and resources.

edited Feb 11 '22 at 02:31

answered Feb 10 '22 at 22:46

jarmod

71,565
16
115
122

AWS - Give readonly permissions for all services

1 Answers1