AWS managed policy: AWSApplicationMigrationReadOnlyAccess
You can attach the AWSApplicationMigrationReadOnlyAccess policy to your
IAM identities.
This policy provides permissions to all read-only public APIs of AWS Application Migration Service (AWS MGN), as well as some read-only APIs of other AWS services that are required in order to make full read-only use of the AWS MGN console. Attach this policy to your users or roles.
Permissions details
This policy includes the following permissions.
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "mgn:DescribeJobLogItems", "mgn:DescribeJobs", "mgn:DescribeSourceServers", "mgn:DescribeReplicationConfigurationTemplates", "mgn:GetLaunchConfiguration", "mgn:DescribeVcenterClients", "mgn:GetReplicationConfiguration", "mgn:DescribeLaunchConfigurationTemplates", "mgn:ListSourceServerActions", "mgn:ListTemplateActions", "mgn:ListApplications", "mgn:ListWaves" "mgn:ListExports" "mgn:ListImports" "mgn:ListImportErrors" "mgn:ListExportErrors" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "servicequotas:GetServiceQuota" ], "Resource": "*" } ] }
