When you set up access
control and write permissions policies to attach to an IAM policy (either identity-based or resource-based), use the following table as a reference. The table lists each
MemoryDB API operation and the corresponding actions for which you can grant
permissions to perform the action. You specify the actions in the policy's
Action
field, and you specify a resource
value in the policy's Resource
field. Unless indicated otherwise, the resource is required. Some fields include both a required resource and optional resources. When there is no resource ARN, the resource in the policy is a wildcard (*).
Note
To specify an action, use the memorydb:
prefix followed by the API
operation name (for example, memorydb:DescribeClusters
).
Use the scroll bars to see the rest of the table.
MemoryDB API operations | Required permissions (API actions) | Resources | |
---|---|---|---|
|
Cluster |
||
|
Snapshot (Source, Target) * * |
||
NoteIf you use the |
Parameter group. (Optional) cluster, snapshot, security group Ids and subnet group
Where |
||
|
Parameter group |
||
|
Subnet group |
* |
|
|
Snapshot, cluster |
||
|
User |
||
|
Access Control List (ACL) |
||
|
Cluster |
||
|
Cluster. (Optional) Snapshot |
||
|
Parameter group |
||
|
Subnet group |
||
|
Snapshot |
||
|
User |
||
|
ACL |
||
|
Cluster |
||
|
No Resource ARN: * |
||
|
Parameter group |
||
|
Parameter group |
||
|
Subnet group |
* |
|
|
No Resource ARN: * |
||
|
Cluster |
||
|
No Resource ARN: * |
||
|
Snapshot |
||
|
User |
||
|
ACLs |
||
|
Cluster |
||
|
(Optional) cluster, snapshot |
||
|
Parameter group |
||
|
Subnet group |
||
|
cluster. (Optional) Parameter group, Security group |
||
|
User |
||
|
ACL |
||
|
(Optional) Cluster, snapshot |
||
|
Parameter group |
||
|
cluster, shard |