Amazon managed policies for Amazon EC2 Auto Scaling - Amazon EC2 Auto Scaling
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Amazon managed policies for Amazon EC2 Auto Scaling

To add permissions to users, groups, and roles, it is easier to use Amazon managed policies than to write policies yourself. It takes time and expertise to create IAM customer managed policies that provide your team with only the permissions they need. To get started quickly, you can use our Amazon managed policies. These policies cover common use cases and are available in your Amazon Web Services account. For more information about Amazon managed policies, see Amazon managed policies in the IAM User Guide.

Amazon Web Services maintain and update Amazon managed policies. You can't change the permissions in Amazon managed policies. Services occasionally add additional permissions to an Amazon managed policy to support new features. This type of update affects all identities (users, groups, and roles) where the policy is attached. Services are most likely to update an Amazon managed policy when a new feature is launched or when new operations become available. Services do not remove permissions from an Amazon managed policy, so policy updates won't break your existing permissions.

Additionally, Amazon supports managed policies for job functions that span multiple services. For example, the ViewOnlyAccess Amazon managed policy provides read-only access to many Amazon Web Services and resources. When a service launches a new feature, Amazon adds read-only permissions for new operations and resources. For a list and descriptions of job function policies, see Amazon managed policies for job functions in the IAM User Guide.

Amazon EC2 Auto Scaling managed policies

You can attach the following managed policies to your Amazon Identity and Access Management (IAM) entities. Each policy provides access to all or some of the API actions for Amazon EC2 Auto Scaling.

  • AutoScalingFullAccess — Grants full access to Amazon EC2 Auto Scaling for users who need full Amazon EC2 Auto Scaling access from the Amazon CLI or SDKs, but not Amazon Web Services Management Console access.

  • AutoScalingReadOnlyAccess — Grants read-only access to Amazon EC2 Auto Scaling for users who are making calls only to the Amazon CLI or SDKs.

  • AutoScalingConsoleFullAccess — Grants full access to Amazon EC2 Auto Scaling using the Amazon Web Services Management Console. This policy works when you are using launch configurations, but not when you are using launch templates.

  • AutoScalingConsoleReadOnlyAccess — Grants read-only access to Amazon EC2 Auto Scaling using the Amazon Web Services Management Console. This policy works when you are using launch configurations, but not when you are using launch templates.

When you are using launch templates from the console, you need to grant additional permissions specific to launch templates, which are discussed in Launch template support. The Amazon EC2 Auto Scaling console needs permissions for ec2 actions so it can display information about launch templates and launch instances using launch templates.

AutoScalingServiceRolePolicy Amazon managed policy

You can't attach AutoScalingServiceRolePolicy to your IAM entities. This policy is attached to a service-linked role that allows Amazon EC2 Auto Scaling to launch and terminate instances. For more information, see Service-linked roles for Amazon EC2 Auto Scaling.

Amazon EC2 Auto Scaling updates to Amazon managed policies

View details about updates to Amazon managed policies for Amazon EC2 Auto Scaling since this service began tracking these changes. For automatic alerts about changes to this page, subscribe to the RSS feed on the Amazon EC2 Auto Scaling Document history page.

Change Description Date

Amazon EC2 Auto Scaling adds permissions to its service-linked role

The AutoScalingServiceRolePolicy policy now grants permission to call the Amazon Systems Manager GetParameters API action to support an upcoming feature to read parameters from Parameter Store. For more information, see Service-linked roles for Amazon EC2 Auto Scaling. March 28, 2022
Amazon EC2 Auto Scaling adds permissions to its service-linked role To support predictive scaling, the AutoScalingServiceRolePolicy policy now includes permission to call the CloudWatch GetMetricData API action. For more information, see Service-linked roles for Amazon EC2 Auto Scaling. May 19, 2021

Amazon EC2 Auto Scaling started tracking changes

Amazon EC2 Auto Scaling started tracking changes for its Amazon managed policies.

May 19, 2021