IAM managed policy for read-only access (on path to deprecation) - Amazon EMR
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

IAM managed policy for read-only access (on path to deprecation)

The AmazonElasticMapReduceReadOnlyAccess managed policy is on the path to deprecation. You cannot attach this policy when launching new clusters. AmazonElasticMapReduceReadOnlyAccess has been replaced with AmazonEMRReadOnlyAccessPolicy_v2 as the Amazon EMR default managed policy. The content of this policy statement is shown in the following snippet. Wildcard characters for the elasticmapreduce element specify that only actions that begin with the specified strings are allowed. Keep in mind that because this policy does not explicitly deny actions, a different policy statement may still be used to grant access to specified actions.

Note

You can also use the Amazon Web Services Management Console to view the policy.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "elasticmapreduce:Describe*",
        "elasticmapreduce:List*",
        "elasticmapreduce:ViewEventsFromAllClustersInConsole",
        "s3:GetObject",
        "s3:ListAllMyBuckets",
        "s3:ListBucket",
        "sdb:Select",
        "cloudwatch:GetMetricStatistics"
      ],
      "Resource": "*"
    }
  ]
}