How do I grant an IAM user access to file support cases?

Last updated: 2020-09-11

An AWS Identity and Access Management (IAM) user on my AWS account can’t file support cases.

Resolution

By default, IAM users on an AWS account can't access services and functions unless the AWS account root user explicitly grants access. You can grant permission to IAM users to access the AWS Support Center by attaching a managed policy to the IAM user, group, or role.

Follow the instructions to use a managed policy as a permissions policy for an identity (console), and then choose the AWSSupportAccess policy.

The following example policy grants access to AWS Support but restricts the IAM user from resolving cases:

{
   "Version": "2012-10-17",
   "Statement": [
   {
      "Effect": "Allow",
      "Action": "support:*",
      "Resource": "*"
   },
   {
       "Effect": "Deny",
       "Action": "support:ResolveCase",
       "Resource": "*"
    }]
}

For additional information, see Access AWS Support.

Be sure that the IAM users have permissions to view and access AWS services before contacting AWS Support. For instructions on updating an existing IAM policy, see Managing IAM policies.

Note: AWS Support is limited in what they can discuss with IAM users, but they can speak with the AWS account root user about all the details related to an account and its resources.


Did this article help?


Do you need billing or technical support?