Setting up IAM permissions for users

This section describes the permissions that you must assign to users and other AWS identities so that they can work with AWS Elemental MediaLive and other AWS services that your workflows use. After you have identified the required permissions, you will be able to design and create the relevant policies, and attach those policies to groups of users or to roles.

This section assumes that you have already performed these tasks:

• You have performed the initial setup described in Preliminary steps for setting up to use MediaLive in order to sign up for MediaLive and to create an administrator.

• You have read the recommendations in Identity and Access Management for AWS Elemental MediaLiveabout how to create administrators, users, and other AWS identities.

Topics

• Reference: summary of user access
• MediaLive
• MediaLive Anywhere
• AWS CloudFormation
• CloudFront
• CloudTrail
• CloudWatch—channel health
• CloudWatch and Amazon SNS—email notification
• CloudWatch Logs—channel logging
• EC2 —VPC inputs
• EC2 —delivery via VPC
• Link
• MediaConnect
• MediaPackage
• MediaStore
• Resource Groups—tagging
• Amazon S3
• AWS Systems Manager parameter store