Add Ground Station Permissions to Your AWS Account
To use AWS Ground Station without requiring an administrative user, you need to create a new policy and attach it to your AWS account.
-
Sign in to the AWS Management Console and open the IAM console
. -
Create a new policy. Use the following steps:
-
In the navigation pane, choose Policies and then choose Create Policy.
-
In the JSON tab, edit the JSON with one of the following values. Use the JSON that works best for your application.
-
For Ground Station administrative privileges, set Action to groundstation:* as follows:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "groundstation:*" ], "Resource": [ "*" ] } ] }
-
For Read-only privileges, set Action to groundstation:Get*, groundstation:List*, and groundstation:Describe* as follows:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "groundstation:Get*", "groundstation:List*", "groundstation:Describe*" ], "Resource": [ "*" ] } ] }
-
For additional security through multifactor authentication, set Action to groundstation:*, and Condition/Bool to aws:MultiFactorAuthPresent:true as follows:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "groundstation:*", "Resource": "*", "Condition": { "Bool": { "aws:MultiFactorAuthPresent": true } } } ] }
-
-
-
In the IAM console, attach the policy you created to the desired user.
For more information about IAM users and attaching policies, see the IAM User Guide.