{"slug":"iam-aws-es","cloud":"aws","service":"es","title":"AWS Elasticsearch Service (IAM)","description":"Amazon Elasticsearch Service (Amazon ES) makes it easy to deploy, operate, and scale Elasticsearch clusters in the AWS cloud.","category":"analytics","common_permissions":["es:DescribeDomain","es:DescribeDomains","es:ListDomainNames","es:ListTags","es:GetIndex","es:CreateIndex","es:UpdateIndex","es:DeleteIndex"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"es:DescribeDomain\",\n        \"es:DescribeDomains\",\n        \"es:ListDomainNames\",\n        \"es:ListTags\",\n        \"es:GetIndex\",\n        \"es:CreateIndex\",\n        \"es:UpdateIndex\",\n        \"es:DeleteIndex\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid es:* — grants full control including domain deletion and configuration changes.","Avoid es:DeleteDomain — can permanently remove an Elasticsearch domain and all its data."],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/es/es.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:50:31.668Z","updated_at":"2026-06-14T04:50:31.668Z"}