API Gateway |
Allows API Gateway to push logs to CloudWatch Logs. |
apigateway.amazonaws.com |
EC2 |
Allows EC2 instances to call AWS services on your behalf. |
ec2.amazonaws.com.cn |
EC2 Role for AWS Systems Manager |
Allows EC2 instances to call AWS services like CloudWatch and Systems Manager on your behalf. |
ec2.amazonaws.com.cn |
Lambda |
Allows Lambda functions to call AWS services on your behalf. |
lambda.amazonaws.com |
AWS Greengrass Role |
Allows AWS Greengrass to call AWS Services on your behalf. |
greengrass.amazonaws.com |
EC2 - Fleet |
Allows EC2 Fleet to launch and manage EC2 instances on your behalf. |
ec2fleet.amazonaws.com |
MediaConvert |
Allows MediaConvert service to call S3 APIs and API Gateway on your behalf. |
mediaconvert.amazonaws.com |
AWS Support |
Allows AWS Support to access AWS resources to provide billing, administrative, and support services. |
support.amazonaws.com |
EC2 Auto Scaling |
Allows EC2 Auto Scaling to use or manage AWS services and resources on your behalf. |
autoscaling.amazonaws.com |
EC2 Auto Scaling Notification Access |
Allows EC2 Auto Scaling to publish to SNS and SQS notification targets in your account. |
autoscaling.amazonaws.com.cn autoscaling.amazonaws.com |
RDS - Add Role to Database |
Allows you to grant RDS access to additional resources on your behalf. |
rds.amazonaws.com |
RDS - Directory Service |
Allows RDS to manage Directory Service resources on your behalf. |
rds.amazonaws.com directoryservice.rds.amazonaws.com |
RDS - Operations |
Allows RDS to perform operations using AWS resources on your behalf. |
rds.amazonaws.com |
RDS Role for Enhanced Monitoring |
Allows RDS to manage CloudWatch Logs resources for Enhanced Monitoring on your behalf. |
monitoring.rds.amazonaws.com |
Application Auto Scaling - AppStream |
Allows Application Auto Scaling to call AppStream and CloudWatch on your behalf. |
appstream.application-autoscaling.amazonaws.com |
Application Auto Scaling - Custom Resource |
Allows Application Auto Scaling to call API Gateway and CloudWatch to manage scaling of a custom resource on your behalf. |
custom-resource.application-autoscaling.amazonaws.com |
Application Auto Scaling - DynamoDB |
Allows Application Auto Scaling to call DynamoDB and CloudWatch on your behalf. |
dynamodb.application-autoscaling.amazonaws.com |
Application Auto Scaling - EC2 Spot Fleet |
Allows Application Auto Scaling to call EC2 Spot Fleet and CloudWatch on your behalf. |
ec2.application-autoscaling.amazonaws.com |
Application Auto Scaling - ECS |
Allows Application Auto Scaling to call ECS and CloudWatch on your behalf. |
ecs.application-autoscaling.amazonaws.com |
EMR |
Allows Elastic MapReduce to call AWS services such as EC2 on your behalf. |
elasticmapreduce.amazonaws.com.cn |
EMR - Cleanup |
Allows EMR to terminate instances and delete resources from EC2 on your behalf. |
elasticmapreduce.amazonaws.com.cn |
EMR Role for EC2 |
Allows EC2 instances in an Elastic MapReduce cluster to call AWS services such as S3 on your behalf. |
ec2.amazonaws.com.cn |
Redshift |
Allows Redshift clusters to call AWS services on your behalf. |
redshift.amazonaws.com |
Redshift - Scheduler |
Allow Redshift Scheduler to call Redshift on your behalf. |
scheduler.redshift.amazonaws.com |
CloudFormation |
Allows CloudFormation to create and manage AWS stacks and resources on your behalf. |
cloudformation.amazonaws.com |
ElastiCache |
Allows ElastiCache to manage AWS resources for your cache on your behalf. |
elasticache.amazonaws.com |
S3 |
Allows S3 to call AWS services on your behalf. |
s3.amazonaws.com |
S3 Batch Operations |
Allows S3 Batch Operations to call AWS services on your behalf. |
batchoperations.s3.amazonaws.com |
CloudWatch - EC2 Actions |
Allows CloudWatch to manage EC2 instances on your behalf. |
events.amazonaws.com |
Elastic Beanstalk |
Allows Elastic Beanstalk to create and manage AWS resources on your behalf. |
elasticbeanstalk.amazonaws.com |
SMS |
Allows Server Migration Service to create and manage AWS resources on your behalf. |
sms.amazonaws.com |
CodeBuild |
Allows CodeBuild to call AWS services on your behalf. |
codebuild.amazonaws.com |
EC2 Role for Elastic Container Service |
Allows EC2 instances in an ECS cluster to access ECS. |
ec2.amazonaws.com.cn |
Elastic Container Service |
Allows ECS to create and manage AWS resources on your behalf. |
ecs.amazonaws.com |
Elastic Container Service Autoscale |
Allows Auto Scaling to access and update ECS services. |
application-autoscaling.amazonaws.com.cn |
Elastic Container Service Task |
Allows ECS tasks to call AWS services on your behalf. |
ecs-tasks.amazonaws.com |
SWF |
Allows SWF workflows to invoke Lambda functions on your behalf. |
swf.amazonaws.com |
CodeDeploy |
Allows CodeDeploy to call AWS services such as Auto Scaling on your behalf. |
codedeploy.amazonaws.com |
CodeDeployRoleForECS |
Allows CodeDeploy service wide access to perform an ECS blue or green deployment on your behalf. |
codedeploy.amazonaws.com |
CodeDeployRoleForLambda |
Provides CodeDeploy service access to perform a Lambda deployment on your behalf. |
codedeploy.amazonaws.com |
Elastic Load Balancing |
Allows ELB to call AWS services on your behalf. |
elasticloadbalancing.amazonaws.com |
Step Functions |
Allows Step Functions to access AWS resources on your behalf. |
states.amazonaws.com |
Config |
Allows Config to call AWS services and collect resource configurations on your behalf. |
config.amazonaws.com |
Config - Customizable |
Allows Config to call AWS services and collect resource configurations on your behalf. |
config.amazonaws.com.cn |
IoT |
Allows IoT to call AWS services on your behalf. |
iot.amazonaws.com |
Storage Gateway |
Allows Storage Gateway to call AWS services on your behalf. |
storagegateway.amazonaws.com |
DMS |
Allows Database Migration Service to call AWS services on your behalf. |
dms.amazonaws.com |
Kinesis Firehose |
Allows Kinesis Firehose to transform and deliver data to your destinations using CloudWatch Logs, Lambda, and S3 on your behalf. |
firehose.amazonaws.com |
Trusted Advisor |
Allows Trusted Advisor to access AWS services on your behalf. |
trustedadvisor.amazonaws.com |