checklist.day

AWS DataSync (IAM)

JSON →
aws storage

AWS DataSync is a data transfer service that simplifies, automates, and accelerates moving data between on-premises storage and AWS.

Common permissions

datasync:ListTasksdatasync:DescribeTaskdatasync:CreateTaskdatasync:UpdateTaskdatasync:ListAgentsdatasync:DescribeAgentdatasync:CreateAgentdatasync:StartTaskExecution

Least-privilege example

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "datasync:ListTasks",
        "datasync:DescribeTask",
        "datasync:CreateTask",
        "datasync:UpdateTask",
        "datasync:ListAgents",
        "datasync:DescribeAgent",
        "datasync:CreateAgent",
        "datasync:StartTaskExecution"
      ],
      "Resource": "*"
    }
  ]
}

Warnings

Resources

AWS referenceservicereference.us-east-1.amazonaws.com/v1/datasync/datasync.json ↗

API

full doc /v1/iam/datasync