Grant Permissions to AWS Service Catalog End Users - AWS Service Catalog

Grant Permissions to AWS Service Catalog End Users

Before the end user can use AWS Service Catalog, you must grant access to the AWS Service Catalog end user console view. To grant access, you attach policies to the IAM user, group, or role that is used by the end user. In the following procedure, we attach the AWSServiceCatalogEndUserFullAccess policy to an IAM group. For more information, see Predefined AWS Managed Policies.

To grant permissions to an end user group

  1. Open the IAM console at https://console.aws.amazon.com/iam/.

  2. In the navigation pane, choose Groups.

  3. Choose Create New Group and do the following:

    1. For Group Name, type Endusers, and then choose Next Step.

    2. In the search field, type AWSServiceCatalog to filter the policy list.

    3. Select the checkbox for the AWSServiceCatalogEndUserFullAccess policy, and then choose Next Step. You also have the option to choose AWSServiceCatalogEndUserReadOnlyAccess instead.

    4. On the Review page, choose Create Group.

  4. In the navigation pane, choose Users.

  5. Choose Add user and do the following:

    1. For User name, type a name for the user.

    2. Select AWS Management Console access.

    3. Choose Next: Permissions.

    4. Choose Add user to group.

    5. Select the checkbox for the Endusers group and choose Next: Tags and then Next: Review.

    6. On the Review page, choose Create user. Download or copy the credentials and then choose Close.