Actions, resources, and condition keys for AWS Snowball
AWS Snowball (service prefix:
snowball
) provides the following service-specific resources, actions, and condition context
keys for use in IAM permission policies.
References:
-
Learn how to configure this service .
-
View a list of the API operations available for this service .
Topics
Actions defined by AWS Snowball
You can specify the following actions in the
Action
element of an IAM policy statement. Use policies to grant permissions to perform
an operation in AWS. When you use an action in a policy, you usually allow or
deny access to the API operation or CLI command with the same name. However,
in some cases, a single action controls access to more than one operation. Alternatively,
some operations require several different actions.
The
Resource types
column indicates whether each action supports resource-level permissions. If
there is no value for this column, you must specify all resources ("*") in the
Resource
element of your policy statement. If the column includes a resource type, then
you can specify an ARN of that type in a statement with that action. Required
resources are indicated in the table with an asterisk (*). If you specify a resource-level
permission ARN in a statement using this action, then it must be of this type.
Some actions support multiple resource types. If the resource type is optional (not
indicated as required), then you can choose to use one but not the other.
For details about the columns in the following table, see The actions table .
Actions | Description | Access level | Resource types (*required) | Condition keys | Dependent actions |
---|---|---|---|---|---|
CancelCluster | Cancels a cluster job. | Write | |||
CancelJob | Cancels the specified job. | Write | |||
CreateAddress | Creates an address for a Snowball to be shipped to. | Write | |||
CreateCluster | Creates an empty cluster. | Write | |||
CreateJob | Creates a job to import or export data between Amazon S3 and your on-premises data center. | Write | |||
CreateReturnShippingLabel | Creates a shipping label that will be used to return the Snow device to AWS. | Write | |||
DescribeAddress | Takes an AddressId and returns specific details about that address in the form of an Address object. | Read | |||
DescribeAddresses | Returns a specified number of ADDRESS objects. | List | |||
DescribeCluster | Returns information about a specific cluster including shipping information, cluster status, and other important metadata. | Read | |||
DescribeJob | Returns information about a specific job including shipping information, job status, and other important metadata. | Read | |||
DescribeReturnShippingLabel | Information on the shipping label of a Snow device that is being returned to AWS. | Read | |||
GetJobManifest | Returns a link to an Amazon S3 presigned URL for the manifest file associated with the specified JobId value. | Read | |||
GetJobUnlockCode | Returns the UnlockCode code value for the specified job. | Read | |||
GetSnowballUsage | Returns information about the Snowball service limit for your account, and also the number of Snowballs your account has in use. | Read | |||
GetSoftwareUpdates | Returns an Amazon S3 presigned URL for an update file associated with a specified JobId. | Read | |||
ListClusterJobs | Returns an array of JobListEntry objects of the specified length. | List | |||
ListClusters | Returns an array of ClusterListEntry objects of the specified length. | List | |||
ListCompatibleImages | This action returns a list of the different Amazon EC2 Amazon Machine Images (AMIs) that are owned by your AWS account that would be supported for use on a Snow device. | List | |||
ListJobs | Returns an array of JobListEntry objects of the specified length. | List | |||
UpdateCluster | While a cluster's ClusterState value is in the AwaitingQuorum state, you can update some of the information associated with a cluster. | Write | |||
UpdateJob | While a job's JobState value is New, you can update some of the information associated with a job. | Write | |||
UpdateJobShipmentState | Updates the state when a the shipment states changes to a different state. | Write |
Resource types defined by AWS Snowball
AWS Snowball does not support specifying a resource ARN in the
Resource
element of an IAM policy statement. To allow access to AWS Snowball, specify
“Resource”: “*”
in your policy.
Condition keys for AWS Snowball
Snowball has no service-specific context keys that can be used in the
Condition
element of policy statements. For the list of the global context keys that are
available to all services, see
Available keys for conditions
.