IAM permissions

The IAM role that's attached to your Amazon EC2 Windows instance must have permission to create application-consistent snapshots with VSS. To grant the necessary permissions, you can attach the AWSEC2VssSnapshotPolicy policy to your instance profile.

The policy enables Systems Manager to perform the following actions:

Create and tag EBS snapshots
Create and tag Amazon Machine Images (AMIs)
Attach metadata, such as the device ID, to the default snapshot tags that VSS creates.

Topics

Attach the VSS-enabled snapshot policy to your instance profile
Managed policy to create VSS snapshots
Legacy policy (no longer supported)

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

System requirements

Attach policy to instance profile