{"slug":"iam-aws-workspaces","cloud":"aws","service":"workspaces","title":"AWS WorkSpaces (IAM)","description":"Amazon WorkSpaces provides a fully managed, secure Desktop-as-a-Service (DaaS) solution to provision virtual desktops in the cloud.","category":"compute","common_permissions":["workspaces:DescribeWorkspaces","workspaces:DescribeWorkspacesPools","workspaces:DescribeWorkspaceBundles","workspaces:DescribeWorkspaceImages","workspaces:DescribeIpGroups","workspaces:DescribeAccount","workspaces:DescribeTags","workspaces:DescribeConnectionAliases"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"workspaces:DescribeWorkspaces\",\n        \"workspaces:DescribeWorkspacesPools\",\n        \"workspaces:DescribeWorkspaceBundles\",\n        \"workspaces:DescribeWorkspaceImages\",\n        \"workspaces:DescribeIpGroups\",\n        \"workspaces:DescribeAccount\",\n        \"workspaces:DescribeTags\",\n        \"workspaces:DescribeConnectionAliases\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid workspaces:* — grants full control including creating, modifying, and deleting WorkSpaces, images, and bundles","Avoid workspaces:CreateWorkspaces and workspaces:StopWorkspaces — can provision or disrupt virtual desktops without proper authorization"],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/workspaces/workspaces.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:51:18.801Z","updated_at":"2026-06-14T04:51:18.801Z"}