Menu
Amazon ElastiCache
ElastiCache for Memcached User Guide (API Version 2015-02-02)

ElastiCache API Permissions: Actions, Resources, and Conditions Reference

When you are setting up Access Control and writing permissions policies that you can attach to an IAM identity (identity-based policies), you can use the following table as a reference. The table lists each Amazon ElastiCache API operation and the corresponding actions for which you can grant permissions to perform the action. You specify the actions in the policy's Action field, and you specify a wildcard character (*) as the resource value in the policy's Resource field.

You can use AWS-wide condition keys in your ElastiCache policies to express conditions. For a complete list of AWS-wide keys, see Available Keys for Conditions in the IAM User Guide.

Note

To specify an action, use the elasticache: prefix followed by the API operation name (for example, elasticache:DescribeCacheClusters). For all ElastiCache actions, specify the wildcard character (*) as the resource.

If you see an expand arrow () in the upper-right corner of the table, you can open the table in a new window. To close the window, choose the close button (X) in the lower-right corner.

Amazon ElastiCache for Memcached API and Required Permissions for Actions

ElastiCache API Operations Required Permissions (API Actions) Resources

AddTagsToResource

elasticache:AddTagsToResource

*

AuthorizeCacheSecurityGroupIngress

elasticache:AuthorizeCacheSecurityGroupIngress

*

CreateCacheCluster

elasticache:CreateCacheCluster

*

Where my_bucket/snapshot1 is an S3 bucket and snapshot that you want to create the cache cluster from.

CreateCacheParameterGroup

elasticache:CreateCacheParameterGroup

*

CreateCacheSecurityGroup

elasticache:CreateCacheSecurityGroup

*

CreateCacheSubnetGroup

elasticache:CreateCacheSubnetGroup

*

DeleteCacheCluster

elasticache:DeleteCacheCluster

*

DeleteCacheParameterGroup

elasticache:DeleteCacheParameterGroup

*

DeleteCacheSecurityGroup

elasticache:DeleteCacheSecurityGroup

*

DeleteCacheSubnetGroup

elasticache:DeleteCacheSubnetGroup

*

DescribeCacheClusters

elasticache:DescribeCacheClusters

*

DescribeCacheEngineVersions

elasticache:DescribeCacheEngineVersions

*

DescribeCacheParameterGroups

elasticache:DescribeCacheParameterGroups

*

DescribeCacheParameters

elasticache:DescribeCacheParameters

*

DescribeCacheSecurityGroups

elasticache:DescribeCacheSecurityGroups

*

DescribeCacheSubnetGroups

elasticache:DescribeCacheSubnetGroups

*

DescribeEngineDefaultParameters

elasticache:DescribeEngineDefaultParameters

*

DescribeEvents

elasticache:DescribeEvents

*

DescribeReservedCacheNodes

elasticache:DescribeReservedCacheNodes

*

DescribeReservedCacheNodesOfferings

elasticache:DescribeReservedCacheNodesOfferings

*

ListTagsForResource

elasticache:ListTagsForResource

*

ModifyCacheCluster

elasticache:ModifyCacheCluster

*

ModifyCacheParameterGroup

elasticache:ModifyCacheParameterGroup

*

ModifyCacheSubnetGroup

elasticache:ModifyCacheSubnetGroup

*

ModifyReplicationGroupShardConfiguration

elasticache:ModifyReplicationGroupShardConfiguration

*

PurchaseReservedCacheNodesOffering

elasticache:PurchaseReservedCacheNodesOffering

*

RebootCacheCluster

elasticache:RebootCacheCluster

*

RemoveTagsFromResource

elasticache:RemoveTagsFromResource

*

ResetCacheParameterGroup

elasticache:ResetCacheParameterGroup

*

RevokeCacheSecurityGroupIngress

elasticache:RevokeCacheSecurityGroupIngress

*