Step 1: Create Policies
Create two policies for AWS Elemental MediaStore: one to provide read/write access and one to provide read-only access. Perform these steps one time only for each policy.
To create policies
-
Use your AWS account ID or account alias, and the credentials for your admin IAM user to sign in to the IAM console.
-
In the navigation pane of the console, choose Policies, and then choose Create policy.
-
Choose the JSON tab and paste the following policy:
{ "Version": "2012-10-17", "Statement": [ { "Action": [ "mediastore:*" ], "Effect": "Allow", "Resource": "*", "Condition": { "Bool": { "aws:SecureTransport": "true" } } } ] }
This policy allows all actions on all resources in AWS Elemental MediaStore.
-
Choose Review policy.
-
On the Review policy page, for Name, type
MediaStoreAllAccess
, and then choose Create policy. -
On the Policies page, repeat steps 1-5 to create a read-only policy. Use the following policy and call it
MediaStoreReadOnlyAccess
:{ "Version": "2012-10-17", "Statement": [ { "Action": [ "mediastore:Get*", "mediastore:List*", "mediastore:Describe*" ], "Effect": "Allow", "Resource": "*", "Condition": { "Bool": { "aws:SecureTransport": "true" } } } ] }