AWS managed policy: AWSElasticDisasterRecoveryStagingAccountPolicy
This policy allows read-only access to AWS Elastic Disaster Recovery (AWS DRS) resources such as source servers and jobs. It also allows creating a converted snapshot and sharing that EBS snapshot with a specified account.
Permissions details
This policy includes the following permissions.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "DRSStagingAccountPolicy1", "Effect": "Allow", "Action": [ "drs:DescribeSourceServers", "drs:DescribeRecoverySnapshots", "drs:CreateConvertedSnapshotForDrs", "drs:GetReplicationConfiguration", "drs:DescribeJobs", "drs:DescribeJobLogItems" ], "Resource": "*" }, { "Sid": "DRSStagingAccountPolicy2", "Effect": "Allow", "Action": [ "ec2:ModifySnapshotAttribute" ], "Resource": "arn:aws:ec2:*:*:snapshot/*", "Condition": { "StringEquals": { "ec2:Add/userId": "${aws:SourceIdentity}" }, "Null": { "aws:ResourceTag/AWSElasticDisasterRecoveryManaged": "false" } } } ] }