article

bethchimeaws avatar image
bethchimeaws posted

Amazon Chime actions for IAM policies

Controlling Access to Amazon Chime admin console using IAM

Access to the Amazon Chime administration console is managed through the AWS Identity and Access Management (IAM) service. AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

To provide access to the Amazon Chime Console to others, you create IAM users for them to use to log into the AWS account and then access the Amazon Chime console. Using IAM you can grant permissions for these users at a granular level to block or provide read and write access permissions to various details and actions of your Amazon Chime account(s), such as changing permissions, adding users, resetting a users meeting PIN. You create IAM policies that are applied to individual users or groups.

If you are new to IAM see Creating Your First IAM Admin User and Group . For more information about IAM policies, see Access Management. For more information about managing and creating custom IAM policies, see Working with Policies.

The easiest way to manage access for your users who will be provide support services or managing the Amazon Chime account via the Amazon Chime administration console is to use one of the following AWS managed policies preconfigured for Amazon Chime. AWS managed policies are built for specific use cases and will be automatically updated by the Amazon Chime service team when new capabilities are added so your users have immediate access without changes to a custom policy.

Amazon Chime Managed Policies

Amazon Chime provides three AWS managed policies which can be leveraged by customers using IAM roles to control access to the user management and account setup and configuration capabilities from the Amazon Chime administration console.

  • AmazonChimeFullAccess provides full access to Amazon Chime user management and account configuration.
  • AmazonChimeReadOnly provides read only access to Amazon Chime user management and account configuration.
  • AmazonChimeUserManagement provides full user management capabilities and read only access to account settings and configuration.

See the Amazon Chime Actions table below for actions associated with the above managed policies.

Example

The following screens show a group called Admin with three users:

The Permissions tab shows that the users in the Admin group will have all the actions granted and managed in the AmazonChimeFullAccess managed policy.


Amazon Chime Actions

You can find a list of the all Amazon Chime actions here: https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonchime.html


consoleaccessiampolicies
iam-policy-01.png (221.4 KiB)
iam-policy-02.png (201.3 KiB)
10 |600 characters needed characters left characters exceeded

Up to 25 attachments (including images) can be used with a maximum of 10.0 MiB each and 96.4 MiB total.

Documentation

View the Amazon Chime User, Administration Guide and API Reference on the AWS Documentation site.

Website

Find more information about the Amazon Chime solution, pricing, customer references, getting started, and other resources.

Article

Contributors

BethChimeAWS contributed to this article

Related Articles