Menu
AWS Certificate Manager
User Guide (Version 1.0)

Managed Policies

Managed policies are standalone policies that you can attach to multiple users, groups, and roles in your AWS account. The following AWS-managed policies are available for ACM. For more information about attaching managed policies to a user, group, or role, see Working with Managed Policies in the IAM User Guide.

AWSCertificateManagerReadOnly

This policy provides read-only access to ACM Certificates; it allows users to describe, list, and retrieve ACM Certificates.

{
  "Version": "2012-10-17",
  "Statement": {
    "Effect": "Allow",
    "Action": [
      "acm:DescribeCertificate",
      "acm:ListCertificates",
      "acm:GetCertificate",
      "acm:ListTagsForCertificate"
    ],
    "Resource": "*"
  }
}

To view this AWS-managed policy in the console, go to https://console.aws.amazon.com/iam/home#policies/arn:aws:iam::aws:policy/AWSCertificateManagerReadOnly.

AWSCertificateManagerFullAccess

This policy provides full access to all ACM actions and resources, and includes all of the permissions which are allowed under the AWSCertificateManagerReadOnly policy.

{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["acm:*"],
    "Resource": "*"
  }]
}

To view this AWS-managed policy in the console, go to https://console.aws.amazon.com/iam/home#policies/arn:aws:iam::aws:policy/AWSCertificateManagerFullAccess.

Attaching a Managed Policy Using the AWS Management Console

To use a managed policy, a user with administrative privileges must attach the policy to a user, role, or group. The following procedure discusses how to do this in the IAM management console.

  1. Sign in to the Identity and Access Management (IAM) console at https://console.aws.amazon.com/iam/.

  2. In the navigation pane, choose Policies.

  3. In the list of policies, select the check box next to the name of the policy to attach. You can use the Filter menu and the Search box to filter the list of policies.

  4. Choose Policy Actions, and then choose Attach.

  5. Select the user, group, or role to attach the policy to. You can use the Filter menu and the Search box to filter the list of principal entities. After selecting the principal entities to attach the policy to, choose Attach Policy.