Amazon DocumentDB (with MongoDB compatibility) Elastic Clusters (IAM)

aws database

Amazon DocumentDB Elastic Clusters is a fully managed, scalable document database service that supports MongoDB-compatible workloads with elastic scalability.

Common permissions

docdb-elastic:GetClusterdocdb-elastic:ListClustersdocdb-elastic:StartClusterdocdb-elastic:StopClusterdocdb-elastic:CreateClusterdocdb-elastic:UpdateClusterdocdb-elastic:GetClusterSnapshotdocdb-elastic:ListClusterSnapshots

Least-privilege example

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "docdb-elastic:GetCluster",
        "docdb-elastic:ListClusters",
        "docdb-elastic:StartCluster",
        "docdb-elastic:StopCluster",
        "docdb-elastic:CreateCluster",
        "docdb-elastic:UpdateCluster",
        "docdb-elastic:GetClusterSnapshot",
        "docdb-elastic:ListClusterSnapshots"
      ],
      "Resource": "*"
    }
  ]
}

Warnings

Avoid docdb-elastic:* — grants full control including delete/modify of clusters and snapshots
Avoid docdb-elastic:DeleteCluster — can permanently delete clusters and all data

Resources

AWS referenceservicereference.us-east-1.amazonaws.com/v1/docdb-elastic/docdb-elastic.json ↗

API

full doc /v1/iam/docdb-elastic