AWS Global Accelerator (IAM)

aws networking

AWS Global Accelerator is a networking service that improves the availability and performance of applications with global users.

Common permissions

globalaccelerator:ListAcceleratorsglobalaccelerator:DescribeAcceleratorglobalaccelerator:CreateAcceleratorglobalaccelerator:UpdateAcceleratorglobalaccelerator:ListListenersglobalaccelerator:DescribeListenerglobalaccelerator:CreateListenerglobalaccelerator:ListEndpointGroups

Least-privilege example

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "globalaccelerator:ListAccelerators",
        "globalaccelerator:DescribeAccelerator",
        "globalaccelerator:CreateAccelerator",
        "globalaccelerator:UpdateAccelerator",
        "globalaccelerator:ListListeners",
        "globalaccelerator:DescribeListener",
        "globalaccelerator:CreateListener",
        "globalaccelerator:ListEndpointGroups"
      ],
      "Resource": "*"
    }
  ]
}

Warnings

Avoid globalaccelerator:* — grants full control including delete and modify operations.
Avoid globalaccelerator:DeleteAccelerator — can permanently delete accelerators.

Resources

AWS referenceservicereference.us-east-1.amazonaws.com/v1/globalaccelerator/globalaccelerator.json ↗

API

full doc /v1/iam/globalaccelerator