AWS Service Catalog
Administrator Guide

Controlling Access Using Service-level Permissions

Control the level of access that administrators and end users have to AWS Service Catalog and AWS resources by applying AWS policies through AWS Identity and Access Management (IAM). These policies are either created and managed by AWS or individually by administrators and end users. To control access, you attach these policies to the IAM users, groups, and roles that you use with AWS Service Catalog. Also, you can customize the access level for each action with support for user, role, and account levels. This allows users to be granted access to view, update, terminate, and manage provisioned products created under their role or the account to which they are logged in.