Predefined permissions - AWS IAM Identity Center (successor to AWS Single Sign-On)

Predefined permissions

You can create a permission set with either Predefined permissions or Custom permissions.

When you create a permission set with predefined permissions, you choose one policy from a list of AWS managed policies. Within the available policies, you can choose from Common permission policies and Job function policies.

Common permission policies

Choose from a list of AWS managed policies that make it possible to access resources in your entire AWS account. You can add one of the following policies:

  • AdministratorAccess

  • PowerUserAccess

  • ReadOnlyAccess

  • ViewOnlyAccess

Job function policies

Choose from a list of AWS managed policies that make it possible to access resources in your AWS account that might be relevant to a job within your organization. You can add one of the following policies:

  • Billing

  • DataScientist

  • DatabaseAdministrator

  • NetworkAdministrator

  • SecurityAudit

  • SupportUser

  • SystemAdministrator

For detailed descriptions of the available common permission policies and job function policies, see AWS managed policies for job functions in the AWS Identity and Access Management user guide.