Requirements for AWS Elemental MediaLive features

You must give your users access to AWS Elemental MediaLive features. The permissions for MediaLive can be divided into three categories:

Permissions to create
Permissions to view
Permissions to run

You might choose to give different access to different kinds of users. For example, you might decide that "basic operators" should not have create permissions.

In particular, you must decide whether to restrict the ability to work with reservations; you might decide to give this access only to administrators or advanced users. For more information about reservations, see Working with reservations in MediaLive.

The following table shows the operations in IAM that relate to access for MediaLive.

Permissions	Service name in IAM	Actions
Create, modify, and delete channels, devices, inputs, and input security groups	MediaLive	`CreateChannel` `CreateInput` `CreateInputSecurityGroup` `DeleteChannel` `DeleteInput` `DeleteInputSecurityGroup` `UpdateChannel` `UpdateInput` `UpdateInputDevice` `UpdateInputSecurityGroup`
View channels, devices, inputs, and input security groups	MediaLive	`ListChannels` `ListInputDevices` `ListInputs` `ListInputSecurityGroups` `DescribeChannel` `DescribeInput` `DescribeInputDevice` `DescribeInputDeviceThumbnail` `DescribeInputSecurityGroup`
View alerts for running channels Note that this action doesn't appear in the policy wizard on the IAM console. To include this action, create a policy, then edit the policy and type the line `"medialive:ListAlerts",` directly in the JSON. You can perform all these steps in the IAM console.	MediaLive	`ListAlerts`
Perform a batch operation on several channels or inputs or multiplexes or input security groups	MediaLive	`BatchDelete` `BatchStart` `BatchStop`
Create or cancel an outgoing device transfer, or accept or reject an incoming device transfer, and view pending device transfers	MediaLive	`AcceptInputDeviceTransfer` `CancelInputDeviceTransfer` `ListInputDeviceTransfers` `RejectInputDeviceTransfer` `TransferInputDevice`
Work with schedules	MediaLive	`DescribeSchedule` `BatchUpdateSchedule`
Create or modify multiplexes	MediaLive	`CreateMultiplex` `DescribeMultiplex` `ListMultiplexes` `UpdateMultiplex`
Create or modify multiplexes	EC2	`DescribeAvailabilityZones` You need this operation to view the list of Availability Zones on the MediaLive console, so that you can choose two for the multiplex.
Delete multiplexes	MediaLive	`DeleteMultiplex` `DescribeMultiplex` `ListMultiplexes`
View multiplexes	MediaLive	`DescribeMultiplex` `ListMultiplexes`
Change the class for a channel	MediaLive	`UpdateChannelClass`
Run channels	MediaLive	`StartChannel` `StopChannel`
Pause channels	MediaLive	Pause is part of the schedule feature, above.
Run multiplexes	MediaLive	`StartMultiplex` `StopMultiplex`
Attach tags to channels, inputs, and input security groups when creating those resources	MediaLive	`CreateTag` `DeleteTags` `ListTagsForResources`
Create, modify, delete, and view reservations and offerings	MediaLive	`DeleteReservation` `DescribeOffering` `DescribeReservation` `ListOfferings` `ListReservations` `PurchaseOffering`

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Reference: summary of user access

AWS CloudFormation