IAM and permissions for zonal shift - Amazon Route 53 Application Recovery Controller
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

IAM and permissions for zonal shift

This section provides additional information about how permissions work for the zonal shift feature in Amazon Route 53 Application Recovery Controller, especially if you work with the feature from another Amazon service, such as Elastic Load Balancing. To learn about how Route 53 ARC features works with IAM and permissions in general, review the information in the overview topic, Identity and Access Management for zonal shift in Amazon Route 53 Application Recovery Controller.

In addition to the permissions outlined in the IAM overview topic, the following applies to zonal shift for IAM and permissions:

  • Make sure that you have the required permissions for working with zonal shift in Route 53 ARC. For more information, see zonal shift console access and zonal shift operations access.

  • You do not need to add additional Elastic Load Balancing permissions with IAM to work with zonal shifts for managed load balancer resources in your account in Route 53 ARC.

  • An Amazon managed policy that provides full access for Elastic Load Balancing includes permissions for working with zonal shifts. If you use Amazon managed policies for Elastic Load Balancing access, you do not need additional permissions in IAM for zonal shift to start zonal shifts for load balancers or work with in the Elastic Load Balancing console. For more information, see Amazon managed policies for Elastic Load Balancing.