Add Ground Station Permissions to Your AWS Account

To use AWS Ground Station without requiring an administrative user, you need to create a new policy and attach it to your AWS account.

Create a new policy. Use the following steps:

In the navigation pane, choose Policies and then choose Create Policy.

In the JSON tab, edit the JSON with one of the following values. Use the JSON that works best for your application.

For Ground Station administrative privileges, set Action to groundstation:* as follows:


{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "groundstation:*"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}

For Read-only privileges, set Action to groundstation:Get*, groundstation:List*, and groundstation:Describe* as follows:


{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "groundstation:Get*",
        "groundstation:List*",
        "groundstation:Describe*"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}

For additional security through multifactor authentication, set Action to groundstation:*, and Condition/Bool to aws:MultiFactorAuthPresent:true as follows:


{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "groundstation:*",
            "Resource": "*",
            "Condition": {
                "Bool": {
                    "aws:MultiFactorAuthPresent": true
                }
            }
        }
    ]
}

In the IAM console, attach the policy you created to the desired user.

For more information about IAM users and attaching policies, see the IAM User Guide.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Setting Up AWS Ground Station

Customer Onboarding