IAM permissions for HealthOmics
You can use AWS Identity and Access Management (IAM) to manage access to the HealthOmics API and resources such as stores and workflows. For users and applications in your account that use HealthOmics, you manage permissions in a permissions policy that you can apply to IAM users, groups, or roles.
To manage permissions for users and applications in your accounts, use the policies that HealthOmics provides, or write your own. The HealthOmics console uses multiple services to get information about your function's configuration and triggers. You can use the provided policies as-is, or as a starting point for more restrictive policies.
HealthOmics uses IAM service roles to access other services on your behalf. For example, you would create or choose a service role when you run a workflow that reads data from Amazon S3. For some features, you also need to configure permissions on resources in other services. Review these requirements before you start working with HealthOmics
For more information about IAM, see What is IAM? in the IAM User Guide.