AWS managed policy: AWSElasticDisasterRecoveryFailbackPolicy
This policy allows using the AWS Elastic Disaster Recovery Failback Client, which is used to failback recovery instances back to your original source infrastructure. We do not recommend that you attach this policy to your users or roles.
This policy is used by AWS Elastic Disaster Recovery to refresh credentials for the AWS Elastic Disaster Recovery Failback Client. We do not recommend that you attach this policy to your users or roles.
Permissions details
This policy includes the following permissions.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "DRSFailbackPolicy1", "Effect": "Allow", "Action": [ "drs:SendClientMetricsForDrs", "drs:SendClientLogsForDrs" ], "Resource": "*" }, { "Sid": "DRSFailbackPolicy2", "Effect": "Allow", "Action": [ "drs:GetChannelCommandsForDrs", "drs:SendChannelCommandResultForDrs" ], "Resource": "*" }, { "Sid": "DRSFailbackPolicy3", "Effect": "Allow", "Action": [ "drs:DescribeReplicationServerAssociationsForDrs", "drs:DescribeRecoveryInstances" ], "Resource": "*" }, { "Sid": "DRSFailbackPolicy4", "Effect": "Allow", "Action": [ "drs:GetFailbackCommandForDrs", "drs:UpdateFailbackClientLastSeenForDrs", "drs:NotifyAgentAuthenticationForDrs", "drs:UpdateAgentReplicationProcessStateForDrs", "drs:NotifyAgentReplicationProgressForDrs", "drs:NotifyAgentConnectedForDrs", "drs:NotifyAgentDisconnectedForDrs", "drs:NotifyConsistencyAttainedForDrs", "drs:GetFailbackLaunchRequestedForDrs", "drs:IssueAgentCertificateForDrs" ], "Resource": "arn:aws:drs:*:*:recovery-instance/${aws:SourceIdentity}" } ] }