Step 2: Create an IAM Group - AWS Elemental MediaLive

Step 2: Create an IAM Group

The procedure in this section shows how to create an IAM group and attach policies. Anyone with IAM administrator-level credentials can perform the procedure. Perform this procedure once, at initial setup. Before you start the procedure, you should have already created the two policies in Step 1: Create Customer Managed Policies.

To create a group

  1. Open the IAM console at

  2. In the navigation pane, choose Groups, and then choose Create New Group.

  3. On the Set Group Name page, for Group Name, enter MediaLivePowerUsers, and then choose Next Step.

  4. On the Attach Policy page, select the check boxes for the following policies:

    • MediaLivePowerAccess (customer managed policy)

    • MediaConnectPowerAccess (customer managed policy)

    • MediaLiveTrustedEntityAccess (customer managed policy)

    • CloudWatchReadOnlyAccess (AWS managed policy)

    • CloudWatchEventsFullAccess (AWS managed policy)

    • AmazonEC2FullAccess (AWS managed policy for access to AWS Virtual Private Network)

    • AWSElementalMediaPackageFullAccess (AWS managed policy)

    • ResourceGroupsandTagEditorFullAccess (AWS managed policy)

    • AmazonSSMFullAccess (AWS managed policy for access to AWS Systems Manager)

    • AmazonSNSFullAccess (AWS managed policy)

  5. Choose Next Step, review your information, and then choose Create Group.

This diagram shows how the policies and group are associated.