Menu
AWS Identity and Access Management
User Guide

Actions, Resources, and Condition Keys for Amazon ElastiCache

Amazon ElastiCache (service prefix: elasticache) provides the following service-specific resources, actions, and condition context keys for use in IAM permission policies.

References:

Actions Defined by Amazon ElastiCache

You can specify the following actions in the Action element of an IAM policy statement. By using policies, you define the permissions for anyone performing an operation in AWS. When you use an action in a policy, you usually allow or deny access to the API operation or CLI command with the same name. However, in some cases, a single action controls access to more than one operation. Alternatively, some operations require several different actions. For details about the columns in the following table, see The Actions Table.

When you create an ElastiCache policy in IAM you must use the "*" wildcard character for the Resource block. For information about using the following ElastiCache API actions in an IAM policy, see ElastiCache Actions and IAM in the Amazon ElastiCache User Guide.

Actions Description Access Level Resource Types (*required) Condition Keys Dependent Actions
AddTagsToResource The AddTagsToResource action adds up to 10 cost allocation tags to the named resource.

Tagging

AuthorizeCacheSecurityGroupIngress The AuthorizeCacheSecurityGroupIngress action allows network ingress to a cache security group.

Write

CopySnapshot The CopySnapshot action makes a copy of an existing snapshot.

Write

CreateCacheCluster The CreateCacheCluster action creates a cache cluster.

Write

CreateCacheParameterGroup The CreateCacheParameterGroup action creates a new cache parameter group.

Write

CreateCacheSecurityGroup The CreateCacheSecurityGroup action creates a new cache security group.

Write

CreateCacheSubnetGroup The CreateCacheSubnetGroup action creates a new cache subnet group.

Write

CreateReplicationGroup The CreateReplicationGroup action creates a replication group.

Write

CreateSnapshot The CreateSnapshot action creates a copy of an entire cache cluster at a specific moment in time.

Write

DeleteCacheCluster The DeleteCacheCluster action deletes a previously provisioned cache cluster.

Write

DeleteCacheParameterGroup The DeleteCacheParameterGroup action deletes the specified cache parameter group.

Write

DeleteCacheSecurityGroup The DeleteCacheSecurityGroup action deletes a cache security group.

Write

DeleteCacheSubnetGroup The DeleteCacheSubnetGroup action deletes a cache subnet group.

Write

DeleteReplicationGroup The DeleteReplicationGroup action deletes an existing replication group.

Write

DeleteSnapshot The DeleteSnapshot action deletes an existing snapshot.

Write

DescribeCacheClusters The DescribeCacheClusters action returns information about all provisioned cache clusters if no cache cluster identifier is specified, or about a specific cache cluster if a cache cluster identifier is supplied.

List

DescribeCacheEngineVersions The DescribeCacheEngineVersions action returns a list of the available cache engines and their versions.

List

DescribeCacheParameterGroups The DescribeCacheParameterGroups action returns a list of cache parameter group descriptions.

List

DescribeCacheParameters The DescribeCacheParameters action returns the detailed parameter list for a particular cache parameter group.

List

DescribeCacheSecurityGroups The DescribeCacheSecurityGroups action returns a list of cache security group descriptions.

List

DescribeCacheSubnetGroups The DescribeCacheSubnetGroups action returns a list of cache subnet group descriptions.

List

DescribeEngineDefaultParameters The DescribeEngineDefaultParameters action returns the default engine and system parameter information for the specified cache engine.

List

DescribeEvents The DescribeEvents action returns events related to cache clusters, cache security groups, and cache parameter groups.

List

DescribeReplicationGroups The DescribeReplicationGroups action returns information about a particular replication group.

List

DescribeReservedCacheNodes The DescribeReservedCacheNodes action returns information about reserved cache nodes for this account, or about a specified reserved cache node.

List

DescribeReservedCacheNodesOfferings The DescribeReservedCacheNodesOfferings action lists available reserved cache node offerings.

List

DescribeSnapshots The DescribeSnapshots action returns information about cache cluster snapshots.

List

ListAllowedNodeTypeModifications List Allowed Node Type Modifications

List

ListTagsForResource The ListTagsForResource action lists all cost allocation tags currently on the named resource.

Read

ModifyCacheCluster The ModifyCacheCluster action modifies the settings for a cache cluster.

Write

ModifyCacheParameterGroup The ModifyCacheParameterGroup action modifies the parameters of a cache parameter group.

Write

ModifyCacheSubnetGroup The ModifyCacheSubnetGroup action modifies an existing cache subnet group.

Write

ModifyReplicationGroup The ModifyReplicationGroup action modifies the settings for a replication group.

Write

PurchaseReservedCacheNodesOffering The PurchaseReservedCacheNodesOffering action allows you to purchase a reserved cache node offering.

Write

RebootCacheCluster The RebootCacheCluster action reboots some, or all, of the cache nodes within a provisioned cache cluster.

Write

RemoveTagsFromResource The RemoveTagsFromResource action removes the tags identified by the TagKeys list from the named resource.

Tagging

ResetCacheParameterGroup The ResetCacheParameterGroup action modifies the parameters of a cache parameter group to the engine or system default value.

Write

RevokeCacheSecurityGroupIngress The RevokeCacheSecurityGroupIngress action revokes ingress from a cache security group.

Write

Resources Defined by ElastiCache

ElastiCache has no service-defined resources that can be used as the Resource element of an IAM policy statement.

Condition Keys for Amazon ElastiCache

ElastiCache has no service-specific context keys that can be used in the Condition element of policy statements. For the list of the global context keys that are available to all services, see Available Keys for Conditions in the IAM Policy Reference.

For information about conditions in an IAM policy to control access to ElastiCache, see ElastiCache Keys in the Amazon ElastiCache User Guide.