AWS Policy Generator
The new AWS Policy Generator simplifies the process of creating policy documents for the Amazon Simple Queue Service (SQS), Amazon S3, the Amazon Simple Notification Service (SNS), and AWS Identity and Access Management (IAM).
You begin by selecting the type of policy that you’d like to create. I’ll create an IAM policy for this post. This policy will allow access to just three of the Route 53 functions: CreateHostedZone, GetHostedZone, and DeleteHostedZone.
Then you select a service and fill in the details. I chose to create an IAM policy to regulate access to Route 53.
The AWS Policy Generator also allows me to enter include the name of an AWS resource in the policy:
I can also choose to include conditions within my policy:
The Policy Generator shows me the current statements as I build the policy:
I can generate my Access Policy by clicking the Generate Policy button:
You can copy the policy, paste it into a text file, and then use it with the APIs calls or command-line tools as appropriate.
Check out the AWS Policy Generator today and make better use of our fine-grained access control mechanisms!