AWSCloud9ServiceRolePolicy details (in AWS console)
Policy Name
AWSCloud9ServiceRolePolicy
Description
Service Linked Role Policy for AWS Cloud9
ARN
arn:aws:iam::aws:policy/aws-service-role/AWSCloud9ServiceRolePolicy
Path
/aws-service-role/
PolicyId
ANPAJFXGCBXQIZATFZ4YG
AttachmentCount
1
[
{
"Effect": "Allow",
"Action": [
"ec2:RunInstances",
"ec2:CreateSecurityGroup",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeInstances",
"ec2:DescribeInstanceStatus",
"cloudformation:CreateStack",
"cloudformation:DescribeStacks",
"cloudformation:DescribeStackEvents",
"cloudformation:DescribeStackResources"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"ec2:TerminateInstances",
"ec2:DeleteSecurityGroup",
"ec2:AuthorizeSecurityGroupIngress"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"cloudformation:DeleteStack"
],
"Resource": [
"arn:aws:cloudformation:*:*:stack/aws-cloud9-*"
]
},
{
"Effect": "Allow",
"Action": [
"ec2:CreateTags"
],
"Resource": [
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ec2:*:*:security-group/*"
]
},
{
"Effect": "Allow",
"Action": [
"ec2:StartInstances",
"ec2:StopInstances"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"ec2:StartInstances",
"ec2:StopInstances"
],
"Resource": [
"arn:aws:license-manager:*:*:license-configuration:*"
]
},
{
"Effect": "Allow",
"Action": [
"iam:ListInstanceProfiles",
"iam:GetInstanceProfile"
],
"Resource": [
"arn:aws:iam::*:instance-profile/cloud9/*"
]
},
{
"Effect": "Allow",
"Action": [
"iam:PassRole"
],
"Resource": [
"arn:aws:iam::*:role/service-role/AWSCloud9SSMAccessRole"
]
}
]