Using Roles or Policies to Assign Custom Permissions to IAM Users

Configuring a server purchase template

vpc:vpcs:list (Listing VPCs)

vpc:subnets:get (Querying subnets or querying details about a subnet)

vpc:securityGroups:get (Querying security groups or querying details about a security group)

eps:enterpriseProjects:list (Listing enterprise projects)

ecs:availabilityZones:list (Listing AZs)

Manually configuring target server specifications

ecs:cloudServerFlavors:get (Querying details about flavors and extended flavor information)

evs:types:get (Querying EVS disk types)

ims:images:list (Listing images)

ims:images:get (Querying details about an image)

Associating source servers with existing target servers

evs:volumes:list (Listing EVS disks)

ecs:cloudServers:list (Querying details about ECSs)

ecs:cloudServers:showServer (Querying details about an ECS)

ims:images:get (Querying details about a specified image)

Importing target resource configurations during the design of server migration plans

obs:bucket:ListBucket (Listing objects in a bucket)

obs:bucket:ListAllMyBuckets (Listing buckets)

Creating a server migration workflow

vpc:vpcs:list (Listing VPCs)

vpc:vpcs:get (Querying VPC details)

vpc:subnets:get (Querying subnets or querying details about a subnet)

vpc:securityGroups:get (Querying security groups or querying details about a security group)

eps:enterpriseProjects:list (Listing enterprise projects)

eps:enterpriseProjects:get (Querying details about an enterprise project)

kms:cmk:list (Listing keys)

kms:cmk:get (Querying key information)

kms:dek:create (Creating a DEK)

kms:dek:decrypt (Decrypting a DEK)

sms:server:migrationServer (Migrating a source server)

sms:server:queryServer (Querying source servers)

smn:topic:list (Listing topics)

Getting server recommendations

ecs:cloudServerFlavors:get (Querying details about flavors and extended flavor information)

ecs:cloudServers:list (Querying details about ECSs)

ims:images:list (Listing images)

ims:images:get (Querying details about an image)

evs:volumes:list (Listing EVS disks)

evs:types:get (Querying EVS disk types)

Creating a cross-az migration workflow

ecs:availabilityZones:list (Listing AZs)

smn:topic:list (Listing topics)

Configuring product mappings for TCO analysis

ecs:cloudServerFlavors:get (Querying details about flavors and extended flavor information)

ims:images:list (Listing images)

evs:types:get (Querying EVS disk types)

Configuring target buckets in an object storage migration plan

obs:bucket:ListAllMyBuckets (Listing buckets)

Creating a storage migration workflow

OMS Administrator (Full permissions for OMS)

smn:topic:list (Listing topics)

smn:topic:updateNotifyPolicy (Granting the permissions to modify notification policies)

smn:topic:update (Granting the permissions to update a topic, including adding subscriptions)

Creating a migration cluster

OMS Administrator (Full permissions for OMS)

nat:natGateways:list (Listing NAT gateways)

vpc:vpcs:list (Listing VPCs)

vpc:subnets:get (Querying subnets or querying details about a subnet)

vpc:publicIps:list (Listing EIPs)

ecs:cloudServerFlavors:get (Querying details about flavors and extended flavor information)

Authorizing an agency

iam:agencies:listAgencies (Querying agencies based on specified conditions)

iam:roles:listRoles (Listing permissions)

iam:quotas:listQuotas (Listing quotas)

iam:permissions:listRolesForAgency (Listing permissions of an agency)

iam:agencies:createAgency (Creating an agency)

iam:permissions:grantRoleToAgency (Granting specified permissions to an agency)

iam:roles:createRole (Creating a custom policy)

iam:roles:updateRole (Modifying a custom policy)

iam:permissions:revokeRoleFromAgency (Revoking permissions from an agency)