Amazon Pinpoint
Developer Guide


To use Amazon Pinpoint, users in your AWS account require permissions that allow them to view analytics data, define user segments, create and deploy campaigns, and more. Users of your app also require access to Amazon Pinpoint so that your app can register endpoints and report usage data. To grant access to Amazon Pinpoint features, create AWS Identity and Access Management (IAM) policies that allow Amazon Pinpoint actions.

IAM is a service that helps you securely control access to AWS resources. IAM policies include statements that allow or deny specific actions that users can perform on specific resources. Amazon Pinpoint provides a set of actions for IAM policies that you can use to specify granular permissions for Amazon Pinpoint users. You can grant the appropriate level of access to Amazon Pinpoint without creating overly permissive policies that might expose important data or compromise your campaigns. For example, you can grant unrestricted access to an Amazon Pinpoint administrator, and grant read-only access to individuals in your organization who need access to only analytics.

For more information about IAM policies, see Policies and Permissions in the IAM User Guide.

To import endpoint definitions, you must grant Amazon Pinpoint read-only access to an Amazon S3 bucket.