AWS Storage Gateway (IAM)
AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage.
Common permissions
- storagegateway:ListGateways
- storagegateway:DescribeCache
- storagegateway:ListVolumes
- storagegateway:ListTapes
- storagegateway:DescribeTapes
- storagegateway:CreateSnapshot
- storagegateway:ListFileShares
- storagegateway:DescribeNFSFileShares
Least-privilege example
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "storagegateway:ListGateways",
        "storagegateway:DescribeCache",
        "storagegateway:ListVolumes",
        "storagegateway:ListTapes",
        "storagegateway:DescribeTapes",
        "storagegateway:CreateSnapshot",
        "storagegateway:ListFileShares",
        "storagegateway:DescribeNFSFileShares"
      ],
      "Resource": "*"
    }
  ]
}
Warnings
- Avoid storagegateway:* — grants full control including delete and modify operations.
- Avoid storagegateway:DeleteVolume — can permanently delete volumes.
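
The two warnings above turned into a policy check, as an added example that is not part of the original page; `audit_policy` and both sample policies are constructed for illustration. It inspects only the Action lists of Allow statements and does not evaluate NotAction, Deny or Condition.

```python
import fnmatch

# The one destructive action the page names, and the grants that mean full control.
RISKY_ACTION = "storagegateway:deletevolume"
FULL_CONTROL = {"*", "storagegateway:*"}

def _as_list(value):
    # IAM allows a single string or a list for Statement and Action.
    return value if isinstance(value, list) else [value]

def audit_policy(policy):
    """Return (statement_index, action_pattern, reason) for each risky grant."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        for pattern in _as_list(stmt.get("Action", [])):
            lowered = pattern.lower()  # IAM action names are case-insensitive
            if lowered in FULL_CONTROL:
                findings.append((idx, pattern, "full control"))
            elif fnmatch.fnmatchcase(RISKY_ACTION, lowered):
                # Covers the exact name and wildcards such as Delete*
                findings.append((idx, pattern, "allows DeleteVolume"))
    return findings

# Constructed sample 1: the action list from the page's least-privilege example.
PAGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["storagegateway:ListGateways", "storagegateway:DescribeCache",
                   "storagegateway:ListVolumes", "storagegateway:ListTapes",
                   "storagegateway:DescribeTapes", "storagegateway:CreateSnapshot",
                   "storagegateway:ListFileShares", "storagegateway:DescribeNFSFileShares"],
        "Resource": "*",
    }],
}

# Constructed sample 2: grants that hit both warnings, one via a wildcard.
RISKY_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "StorageGateway:*", "Resource": "*"},
        {"Effect": "Allow", "Action": ["storagegateway:List*", "storagegateway:Delete*"], "Resource": "*"},
        {"Effect": "Deny", "Action": "storagegateway:DeleteVolume", "Resource": "*"},
    ],
}

if __name__ == "__main__":
    for name, pol in (("page policy", PAGE_POLICY), ("risky policy", RISKY_POLICY)):
        print(name, audit_policy(pol))
```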
Resources
API
full doc /v1/iam/storagegateway