AWSTrustedAdvisorPriorityFullAccess details (in AWS console)
Policy Name
AWSTrustedAdvisorPriorityFullAccess
Description
Provides full access to AWS Trusted Advisor Priority. This policy also enables the user to add Trusted Advisor as a trusted service with AWS Organizations and to specify delegated administrator accounts for Trusted Advisor Priority.
ARN
arn:aws:iam::aws:policy/AWSTrustedAdvisorPriorityFullAccess
Path
/
PolicyId
ANPAZKAPJZG4LJLEVDMJO
AttachmentCount
0
[
{
"Effect": "Allow",
"Action": [
"trustedadvisor:DescribeAccount*",
"trustedadvisor:DescribeOrganization",
"trustedadvisor:DescribeRisk*",
"trustedadvisor:DownloadRisk",
"trustedadvisor:UpdateRiskStatus",
"trustedadvisor:DescribeNotificationConfigurations",
"trustedadvisor:UpdateNotificationConfigurations",
"trustedadvisor:DeleteNotificationConfigurationForDelegatedAdmin",
"trustedadvisor:SetOrganizationAccess"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"organizations:DescribeAccount",
"organizations:DescribeOrganization",
"organizations:ListAWSServiceAccessForOrganization"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"organizations:ListDelegatedAdministrators",
"organizations:EnableAWSServiceAccess",
"organizations:DisableAWSServiceAccess"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"iam:CreateServiceLinkedRole"
],
"Resource": [
"arn:aws:iam::*:role/aws-service-role/reporting.trustedadvisor.amazonaws.com/AWSServiceRoleForTrustedAdvisorReporting"
]
},
{
"Effect": "Allow",
"Action": [
"organizations:RegisterDelegatedAdministrator",
"organizations:DeregisterDelegatedAdministrator"
],
"Resource": [
"arn:aws:organizations::*:*"
]
}
]