Amazon CloudWatch
User Guide

CloudWatch Dashboard Permissions Update

On May 1, 2018, AWS changed the permissions required to access CloudWatch dashboards. Dashboard access in the CloudWatch console now requires permissions that were introduced in 2017 to support dashboard API operations:

  • cloudwatch:GetDashboard

  • cloudwatch:ListDashboards

  • cloudwatch:PutDashboard

  • cloudwatch:DeleteDashboards

To access CloudWatch dashboards, you need one of the following:

  • The AdministratorAccess policy.

  • The CloudWatchFullAccess policy.

  • A custom policy that includes one or more of these specific permissions:

    • cloudwatch:GetDashboard and cloudwatch:ListDashboards to be able to view dashboards

    • cloudwatch:PutDashboard to be able to create or modify dashboards

    • cloudwatch:DeleteDashboards to be able to delete dashboards

For more information for changing permissions for an IAM user using policies, see Changing Permissions for an IAM User.

For more information about CloudWatch permissions, see Amazon CloudWatch Permissions Reference.

For more information about dashboard API operations, see PutDashboard in the Amazon CloudWatch API Reference.