AmazonRDSReadOnlyAccess - AWS Managed Policy

AmazonRDSReadOnlyAccess

AmazonRDSReadOnlyAccess is an AWS managed policy that: Provides read only access to Amazon RDS via the AWS Management Console.

Using this policy

You can attach AmazonRDSReadOnlyAccess to your users, groups, and roles.

Policy details

  • Type: AWS managed policy

  • Creation time: February 06, 2015, 18:40 UTC

  • Edited time: April 14, 2023, 12:32 UTC

  • ARN: arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess

Policy version

Policy version: v7 (default)

The policy's default version is the version that defines the permissions for the policy. When a user or role with the policy makes a request to access an AWS resource, AWS checks the default version of the policy to determine whether to allow the request.

JSON policy document

{ "Version" : "2012-10-17", "Statement" : [ { "Effect" : "Allow", "Action" : [ "rds:Describe*", "rds:ListTagsForResource", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs" ], "Resource" : "*" }, { "Effect" : "Allow", "Action" : [ "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cloudwatch:GetMetricData", "logs:DescribeLogStreams", "logs:GetLogEvents", "devops-guru:GetResourceCollection" ], "Resource" : "*" }, { "Action" : [ "devops-guru:SearchInsights", "devops-guru:ListAnomaliesForInsight" ], "Effect" : "Allow", "Resource" : "*", "Condition" : { "ForAllValues:StringEquals" : { "devops-guru:ServiceNames" : [ "RDS" ] }, "Null" : { "devops-guru:ServiceNames" : "false" } } } ] }

Learn more