Product logo
DocsBlogPricing

Permissions for @turbot/aws-elasticache

Taking a look at permissions and associated grant levels for each permission for ElastiCache:

PermissionGrant LevelHelp
cloudwatch:DescribeAlarmsMetadataRequired for console access per http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/UsingIAM.html
cloudwatch:GetMetricStatisticsMetadataRequired for console access per http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/UsingIAM.html
ec2:DescribeAccountAttributesMetadataRequired for console access per http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/UsingIAM.html
ec2:DescribeAvailabilityZonesMetadataRequired for console access per http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/UsingIAM.html
ec2:DescribeSecurityGroupsMetadataRequired for console access per http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/UsingIAM.html
ec2:DescribeVpcsMetadataRequired for console access per http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/UsingIAM.html
elasticache:AddTagsToResourceOperatorOperators can manage tags and reboot the cluster.
elasticache:AuthorizeCacheSecurityGroupIngressAdmin"Administrators can manage network ingress to a cache security group. Applications using ElastiCache must be running on Amazon EC2
elasticache:BatchApplyUpdateActionAdmin
elasticache:BatchStopUpdateActionAdmin
elasticache:CompleteMigrationAdmin
elasticache:CopySnapshotOperator"Operators can create snapshots
elasticache:CreateCacheClusterAdmin
elasticache:CreateCacheParameterGroupAdmin
elasticache:CreateCacheSecurityGroupAdminCache security groups are only used when you are creating a cluster outside of an Amazon Virtual Private Cloud (Amazon VPC).
elasticache:CreateCacheSubnetGroupAdmin"Administrators can manage custom subnet groups. Turbot managed subnet groups cannot be automatically protected
elasticache:CreateGlobalReplicationGroupAdmin
elasticache:CreateReplicationGroupAdmin
elasticache:CreateSnapshotOperator"Operators can create snapshots
elasticache:CreateUserAdmin
elasticache:CreateUserGroupAdmin
elasticache:DecreaseNodeGroupsInGlobalReplicationGroupOperator
elasticache:DecreaseReplicaCountOperatorOperators can decrease AmazonElastiCache replica count.
elasticache:DeleteCacheClusterAdmin
elasticache:DeleteCacheParameterGroupAdmin
elasticache:DeleteCacheSecurityGroupAdmin
elasticache:DeleteCacheSubnetGroupAdmin"Administrators can manage custom subnet groups. Turbot managed subnet groups cannot be automatically protected
elasticache:DeleteGlobalReplicationGroupAdmin
elasticache:DeleteReplicationGroupAdmin
elasticache:DeleteSnapshotAdmin"Operators can create snapshots
elasticache:DeleteUserAdmin
elasticache:DeleteUserGroupAdmin
elasticache:DescribeCacheClustersMetadata"Metadata about the cache instance
elasticache:DescribeCacheEngineVersionsMetadata"Metadata about the cache instance
elasticache:DescribeCacheParameterGroupsMetadata"Metadata about the cache instance
elasticache:DescribeCacheParametersMetadata"Metadata about the cache instance
elasticache:DescribeCacheSecurityGroupsMetadata"Metadata about the cache instance
elasticache:DescribeCacheSubnetGroupsMetadata"Metadata about the cache instance
elasticache:DescribeEngineDefaultParametersMetadata"Metadata about the cache instance
elasticache:DescribeEventsMetadata"Metadata about the cache instance
elasticache:DescribeGlobalReplicationGroupsMetadata
elasticache:DescribeReplicationGroupsMetadata"Metadata about the cache instance
elasticache:DescribeReservedCacheNodesMetadata"Metadata about the cache instance
elasticache:DescribeReservedCacheNodesOfferingsMetadata"Metadata about the cache instance
elasticache:DescribeServiceUpdatesMetadata
elasticache:DescribeSnapshotsMetadata
elasticache:DescribeUpdateActionsMetadata
elasticache:DescribeUserGroupsMetadata
elasticache:DescribeUsersMetadata
elasticache:DisassociateGlobalReplicationGroupAdmin
elasticache:FailoverGlobalReplicationGroupAdmin
elasticache:IncreaseNodeGroupsInGlobalReplicationGroupOperator
elasticache:IncreaseReplicaCountOperatorOperators can increase AmazonElastiCache replica count.
elasticache:ListAllowedNodeTypeModificationsMetadata
elasticache:ListTagsForResourceMetadata
elasticache:ModifyCacheClusterAdmin
elasticache:ModifyCacheParameterGroupAdmin
elasticache:ModifyCacheSubnetGroupAdmin"Administrators can manage custom subnet groups. Turbot managed subnet groups cannot be automatically protected
elasticache:ModifyGlobalReplicationGroupAdmin
elasticache:ModifyUserAdmin
elasticache:ModifyUserGroupAdmin
elasticache:ModifyReplicationGroupAdmin
elasticache:ModifyReplicationGroupShardConfigurationAdmin
elasticache:PurchaseReservedCacheNodesOfferingOwnerReserved instances can only be purchased by owners.
elasticache:RebalanceSlotsInGlobalReplicationGroupOperator
elasticache:RebootCacheClusterOperatorOperators can manage tags and reboot the cluster.
elasticache:RemoveTagsFromResourceOperatorOperators can manage tags and reboot the cluster.
elasticache:ResetCacheParameterGroupAdmin
elasticache:RevokeCacheSecurityGroupIngressAdminRevokes ingress from a cache security group. Use this operation to disallow access from an Amazon EC2 security group that had been previously authorized.
elasticache:StartMigrationAdmin
elasticache:TestFailoverOperator
sns:ListSubscriptionsMetadataRequired for console access per http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/UsingIAM.html
sns:ListTopicsMetadataRequired for console access per http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/UsingIAM.html