Amazon Comprehend
Developer Guide

Amazon Comprehend Medical API Permissions: Actions, Resources, and Conditions Reference

Use the following table as a reference when setting up Access Control and writing a permissions policy that you can attach to an IAM identity (an identity-based policy). The list includes each Amazon Comprehend Medical API operation, the corresponding action for which you can grant permissions to perform the action, and the AWS resource for which you can grant the permissions. You specify the actions in the policy's Action field, and you specify the resource value in the policy's Resource field.

To express conditions, you can use AWS-wide condition keys in your Amazon Comprehend Medical policies. For a complete list of AWS-wide keys, see Available Keys in the IAM User Guide.


To specify an action, use the comprehendmedical: prefix followed by the API operation name, for example, comprehendmedical:DetectEntities.

If you see an expand arrow () in the upper-right corner of the table, you can open the table in a new window. To close the window, choose the close button (X) in the lower-right corner.

Amazon Comprehend Medical API and Required Permissions for Actions

Amazon Comprehend Medical API Operations Required Permissions (API Actions) Resources
DescribeEntitiesDetectionV2Job comprehendmedical:DescribeEntitiesDetectionV2Job *
DescribePHIDetectionJob comprehendmedical:DescribePHIDetectionJob *
DetectEntities comprehendmedical:DetectEntities *
DetectEntitiesV2 comprehendmedical:DetectEntitiesV2 *
DetectPHI comprehendmedical:DetectPHI *
ListEntitiesDetectionV2Jobs comprehendmedical:ListEntitiesDetectionV2Jobs *
ListPHIDetectionJobs comprehendmedical:ListPHIDetectionJobs *
StartEntitiesDetectionV2Job comprehendmedical:StartEntitiesDetectionV2Job *
StartPHIDetectionJob comprehendmedical:StartPHIDetectionJob *
StopEntitiesDetectionV2Job comprehendmedical:StopEntitiesDetectionV2Job *
StopPHIDetectionJob comprehendmedical:StopPHIDetectionJob *