Is it possible to grant a "read everything" role in AWS?

Is there a default policy that can provide read-only access to all services with AWS? Is there a naming convention for permissions that could be followed such as "Allow" : "Get*" in an IAM policy to achieve this type of result?

I know that AWS provides readonly policies for each service, but considering the frequency that new services are added, I'm wondering if there is an aggregate "read-all" policy that they provide?


AWS defines some policies that are available in every account. As new services are added, these policies are updated so the policy always has read-only access. Some of them are job function policies, some are more general.

The most relevant ones are:

  • ReadOnlyAccess ( https://console.aws.amazon.com/iam/home#policies/arn:aws:iam::aws:policy/ReadOnlyAccess )
  • SecurityAudit ( https://console.aws.amazon.com/iam/home#policies/arn:aws:iam::aws:policy/SecurityAudit )

These policies can be attached to a Group, User, Role, etc.
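
The following is an added example, not part of the original answer and not AWS code: a small Python check for the hand-written "Get*"-style approach the question asks about, which flags any Allow statement in a policy document that reaches beyond read-style action names. The prefix list (Get, List, Describe), the function names and the sample policy are assumptions made for illustration; the prefixes are a naming heuristic, not a guarantee from AWS.

```python
import re

# Assumed read-style verb prefixes: a naming heuristic, not an AWS guarantee.
READ_PREFIXES = ("get", "list", "describe")

# Constructed sample policy, for illustration only.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:Get*", "s3:List*"], "Resource": "*"},
        {"Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*"},
        {"Effect": "Allow", "Action": "iam:*", "Resource": "*"},
        {"Effect": "Allow", "NotAction": "s3:DeleteObject", "Resource": "*"},
        {"Effect": "Deny", "Action": "s3:PutObject", "Resource": "*"},
    ],
}

def _as_list(value):
    """IAM lets Statement and Action be a single item or a list."""
    if value is None:
        return []
    return [value] if isinstance(value, (str, dict)) else list(value)

def is_read_pattern(action):
    """True only if every name the pattern can match starts with a read prefix."""
    if ":" not in action:
        return False  # bare "*" or malformed: matches everything
    verb = action.split(":", 1)[1]
    # Only the literal text before the first wildcard is certain to match.
    literal = re.split(r"[*?]", verb, maxsplit=1)[0].lower()
    return literal.startswith(READ_PREFIXES)  # action names are case-insensitive

def find_non_read_grants(policy):
    """Return (statement index, offending action or 'NotAction') pairs."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # a Deny never widens access
        if "NotAction" in stmt:
            # Allow + NotAction grants everything except the listed actions.
            findings.append((idx, "NotAction"))
        for action in _as_list(stmt.get("Action")):
            if not is_read_pattern(action):
                findings.append((idx, action))
    return findings

if __name__ == "__main__":
    for idx, what in find_non_read_grants(SAMPLE_POLICY):
        print(f"statement {idx}: {what} is not limited to read-style actions")
```

A clean result only means the action names look read-style; an action such as secretsmanager:GetSecretValue still returns sensitive data.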