iam:*AWS AWS Identity and Access Management (IAM) IAM Actions
187 IAM actions for iam:*
Actions
187 actions available. Filter by access level or search by name.
Filter:
| Action | Access Level |
|---|---|
iam:AcceptDelegationRequest | Write |
iam:AddClientIDToOpenIDConnectProvider | Write |
iam:AddRoleToInstanceProfile | Permissions |
iam:AddUserToGroup | Write |
iam:AssociateDelegationRequest | Write |
iam:AttachGroupPolicy | Permissions |
iam:AttachRolePolicy | Permissions |
iam:AttachUserPolicy | Permissions |
iam:ChangePassword | Read |
iam:CreateAccessKey | Write |
iam:CreateAccountAlias | Write |
iam:CreateDelegationRequest | Write |
iam:CreateGroup | Write |
iam:CreateInstanceProfile | Write |
iam:CreateLoginProfile | Write |
iam:CreateOpenIDConnectProvider | Write |
iam:CreatePolicy | Permissions |
iam:CreatePolicyVersion | Permissions |
iam:CreateRole | Permissions |
iam:CreateSAMLProvider | Write |
iam:CreateServiceLinkedRole | Permissions |
iam:CreateServiceSpecificCredential | Write |
iam:CreateUser | Write |
iam:CreateVirtualMFADevice | Write |
iam:DeactivateMFADevice | Read |
iam:DeleteAccessKey | Write |
iam:DeleteAccountAlias | Write |
iam:DeleteAccountPasswordPolicy | Permissions |
iam:DeleteCloudFrontPublicKey | Write |
iam:DeleteGroup | Write |
iam:DeleteGroupPolicy | Permissions |
iam:DeleteInstanceProfile | Write |
iam:DeleteLoginProfile | Write |
iam:DeleteOpenIDConnectProvider | Write |
iam:DeletePolicy | Permissions |
iam:DeletePolicyVersion | Permissions |
iam:DeleteRole | Permissions |
iam:DeleteRolePermissionsBoundary | Permissions |
iam:DeleteRolePolicy | Permissions |
iam:DeleteSAMLProvider | Write |
iam:DeleteServerCertificate | Write |
iam:DeleteServiceLinkedRole | Permissions |
iam:DeleteServiceSpecificCredential | Write |
iam:DeleteSigningCertificate | Write |
iam:DeleteSSHPublicKey | Write |
iam:DeleteUser | Write |
iam:DeleteUserPermissionsBoundary | Permissions |
iam:DeleteUserPolicy | Permissions |
iam:DeleteVirtualMFADevice | Write |
iam:DetachGroupPolicy | Permissions |
iam:DetachRolePolicy | Permissions |
iam:DetachUserPolicy | Permissions |
iam:DisableOrganizationsRootCredentialsManagement | Write |
iam:DisableOrganizationsRootSessions | Write |
iam:DisableOutboundWebIdentityFederation | Write |
iam:EnableMFADevice | Write |
iam:EnableOrganizationsRootCredentialsManagement | Write |
iam:EnableOrganizationsRootSessions | Write |
iam:EnableOutboundWebIdentityFederation | Write |
iam:GenerateCredentialReport | Read |
iam:GenerateOrganizationsAccessReport | Read |
iam:GenerateServiceLastAccessedDetails | Read |
iam:GetAccessKeyLastUsed | Read |
iam:GetAccountAuthorizationDetails | Read |
iam:GetAccountEmailAddress | Read |
iam:GetAccountName | Read |
iam:GetAccountPasswordPolicy | Permissions |
iam:GetAccountSummary | Read |
iam:GetCloudFrontPublicKey | Read |
iam:GetContextKeysForCustomPolicy | Permissions |
iam:GetContextKeysForPrincipalPolicy | Permissions |
iam:GetCredentialReport | Read |
iam:GetDelegationRequest | Read |
iam:GetGroup | Read |
iam:GetGroupPolicy | Permissions |
iam:GetHumanReadableSummary | Read |
iam:GetInstanceProfile | Read |
iam:GetLoginProfile | Read |
iam:GetMFADevice | Read |
iam:GetOpenIDConnectProvider | Read |
iam:GetOrganizationsAccessReport | Read |
iam:GetOutboundWebIdentityFederationInfo | Read |
iam:GetPolicy | Permissions |
iam:GetPolicyVersion | Permissions |
iam:GetRole | Permissions |
iam:GetRolePolicy | Permissions |
iam:GetSAMLProvider | Read |
iam:GetServerCertificate | Read |
iam:GetServiceLastAccessedDetails | Read |
iam:GetServiceLastAccessedDetailsWithEntities | Read |
iam:GetServiceLinkedRoleDeletionStatus | Permissions |
iam:GetSSHPublicKey | Read |
iam:GetUser | Read |
iam:GetUserPolicy | Permissions |
iam:ListAccessKeys | List |
iam:ListAccountAliases | List |
iam:ListAttachedGroupPolicies | List |
iam:ListAttachedRolePolicies | Permissions |
iam:ListAttachedUserPolicies | List |
iam:ListCloudFrontPublicKeys | List |
iam:ListDelegationRequests | List |
iam:ListEntitiesForPolicy | Permissions |
iam:ListGroupPolicies | List |
iam:ListGroups | List |
iam:ListGroupsForUser | List |
iam:ListInstanceProfiles | List |
iam:ListInstanceProfilesForRole | Permissions |
iam:ListInstanceProfileTags | Tagging |
iam:ListMFADevices | List |
iam:ListMFADeviceTags | Tagging |
iam:ListOpenIDConnectProviders | List |
iam:ListOpenIDConnectProviderTags | Tagging |
iam:ListOrganizationsFeatures | List |
iam:ListPolicies | List |
iam:ListPoliciesGrantingServiceAccess | Permissions |
iam:ListPolicyTags | Tagging |
iam:ListPolicyVersions | Permissions |
iam:ListRolePolicies | Permissions |
iam:ListRoles | Permissions |
iam:ListRoleTags | Tagging |
iam:ListSAMLProviders | List |
iam:ListSAMLProviderTags | Tagging |
iam:ListServerCertificates | List |
iam:ListServerCertificateTags | Tagging |
iam:ListServiceSpecificCredentials | List |
iam:ListSigningCertificates | List |
iam:ListSSHPublicKeys | List |
iam:ListSTSRegionalEndpointsStatus | List |
iam:ListUserPolicies | List |
iam:ListUsers | List |
iam:ListUserTags | Tagging |
iam:ListVirtualMFADevices | List |
iam:PassRole | Permissions |
iam:PutGroupPolicy | Permissions |
iam:PutRolePermissionsBoundary | Permissions |
iam:PutRolePolicy | Permissions |
iam:PutUserPermissionsBoundary | Permissions |
iam:PutUserPolicy | Permissions |
iam:RejectDelegationRequest | Write |
iam:RemoveClientIDFromOpenIDConnectProvider | Write |
iam:RemoveRoleFromInstanceProfile | Permissions |
iam:RemoveUserFromGroup | Write |
iam:ResetServiceSpecificCredential | Write |
iam:ResyncMFADevice | Read |
iam:SendDelegationToken | Write |
iam:SetDefaultPolicyVersion | Permissions |
iam:SetSecurityTokenServicePreferences | Write |
iam:SetSTSRegionalEndpointStatus | Write |
iam:SimulateCustomPolicy | Permissions |
iam:SimulatePrincipalPolicy | Permissions |
iam:TagInstanceProfile | Tagging |
iam:TagMFADevice | Tagging |
iam:TagOpenIDConnectProvider | Tagging |
iam:TagPolicy | Tagging |
iam:TagRole | Tagging |
iam:TagSAMLProvider | Tagging |
iam:TagServerCertificate | Tagging |
iam:TagUser | Tagging |
iam:UntagInstanceProfile | Tagging |
iam:UntagMFADevice | Tagging |
iam:UntagOpenIDConnectProvider | Tagging |
iam:UntagPolicy | Tagging |
iam:UntagRole | Tagging |
iam:UntagSAMLProvider | Tagging |
iam:UntagServerCertificate | Tagging |
iam:UntagUser | Tagging |
iam:UpdateAccessKey | Write |
iam:UpdateAccountEmailAddress | Write |
iam:UpdateAccountName | Write |
iam:UpdateAccountPasswordPolicy | Permissions |
iam:UpdateAssumeRolePolicy | Permissions |
iam:UpdateCloudFrontPublicKey | Write |
iam:UpdateGroup | Write |
iam:UpdateLoginProfile | Write |
iam:UpdateOpenIDConnectProviderThumbprint | Write |
iam:UpdateRole | Permissions |
iam:UpdateRoleDescription | Permissions |
iam:UpdateSAMLProvider | Write |
iam:UpdateServerCertificate | Write |
iam:UpdateServiceSpecificCredential | Write |
iam:UpdateSigningCertificate | Write |
iam:UpdateSSHPublicKey | Write |
iam:UpdateUser | Write |
iam:UploadCloudFrontPublicKey | Read |
iam:UploadServerCertificate | Read |
iam:UploadSigningCertificate | Read |
iam:UploadSSHPublicKey | Read |
Resource Types
ARN patterns for resources in this service.
| Resource | ARN Pattern |
|---|---|
${ResourceType} | arn:aws:iam::${Account}:${ResourceType}/${ResourceName} |
Condition Keys
Condition keys you can use in IAM policy conditions for this service.
aws:RequestTag/${TagKey}aws:ResourceTag/${TagKey}aws:TagKeysiam:AWSServiceNameiam:AssociatedResourceArniam:DelegationDurationiam:DelegationRequestOwneriam:FIDO-FIPS-140-2-certificationiam:FIDO-FIPS-140-3-certificationiam:FIDO-certificationiam:NotificationChanneliam:OrganizationsPolicyIdiam:PassedToServiceiam:PermissionsBoundaryiam:PolicyARNiam:RegisterSecurityKeyiam:ResourceTag/${TagKey}iam:ServiceSpecificCredentialAgeDaysiam:ServiceSpecificCredentialServiceNameiam:TemplateArnGet the AWS Identity and Access Management (IAM) Cheat Sheet
Everything you need to know about AWS Identity and Access Management (IAM) on one page. HD quality, print-friendly.
Download Free InfographicGet the AWS Identity and Access Management (IAM) Cheat Sheet
Everything you need to know about AWS Identity and Access Management (IAM) on one page. HD quality, print-friendly.
Download Free InfographicQuick Facts
Total Actions187
Prefix
iamResource Types1
Condition Keys20
Access Level Breakdown
Read32
Write56
List23
Permissions52
Tagging24