This post is different than my usual ones as I’m not writing a solutions guide. Basically I was looking for a complete list (JSON, XML, …) of all AWS Services which I can use in IAM policies. Unfortunately I didn’t find anything. So I coded a small tool which does this for me. I want to share the final JSON file in case somebody needs it, too. There are situations where you would need such a list in case you create IAM policies with many explicit DENY or ALLOW sections.
The JSON is a list of items. Each item is a list of items by itself. The first attribute is the name of the AWS Service and the second attribute is the service prefix you would use when writing IAM policies referencing this AWS Service.
And now that’s the list in JSON format:
[
[
"AWS Accounts",
"account"
],
[
"Alexa for Business",
"a4b"
],
[
"AWS Amplify",
"amplify"
],
[
"Amazon API Gateway",
"execute-api"
],
[
"AWS App Mesh",
"appmesh"
],
[
"AWS App Mesh Preview",
"appmesh-preview"
],
[
"AWS AppConfig",
"appconfig"
],
[
"Amazon AppFlow",
"appflow"
],
[
"Application Auto Scaling",
"application-autoscaling"
],
[
"Application Discovery",
"discovery"
],
[
"Application Discovery Arsenal",
"arsenal"
],
[
"Amazon AppStream 2.0",
"appstream"
],
[
"AWS AppSync",
"appsync"
],
[
"AWS Artifact",
"artifact"
],
[
"Amazon Athena",
"athena"
],
[
"AWS Auto Scaling",
"autoscaling-plans"
],
[
"AWS Backup",
"backup"
],
[
"AWS Backup storage",
"backup-storage"
],
[
"AWS Batch",
"batch"
],
[
"AWS Billing",
"aws-portal"
],
[
"AWS Budget Service",
"budgets"
],
[
"AWS Certificate Manager",
"acm"
],
[
"AWS Certificate Manager Private Certificate Authority",
"acm-pca"
],
[
"AWS Chatbot",
"chatbot"
],
[
"Amazon Chime",
"chime"
],
[
"Amazon Cloud Directory",
"clouddirectory"
],
[
"AWS Cloud Map",
"servicediscovery"
],
[
"AWS Cloud9",
"cloud9"
],
[
"AWS CloudFormation",
"cloudformation"
],
[
"Amazon CloudFront",
"cloudfront"
],
[
"AWS CloudHSM",
"cloudhsm"
],
[
"Amazon CloudSearch",
"cloudsearch"
],
[
"AWS CloudTrail",
"cloudtrail"
],
[
"Amazon CloudWatch",
"cloudwatch"
],
[
"CloudWatch Application Insights",
"applicationinsights"
],
[
"Amazon CloudWatch Logs",
"logs"
],
[
"Amazon CloudWatch Synthetics",
"synthetics"
],
[
"AWS Code Signing for Amazon FreeRTOS",
"signer"
],
[
"AWS CodeArtifact",
"codeartifact"
],
[
"AWS CodeBuild",
"codebuild"
],
[
"AWS CodeCommit",
"codecommit"
],
[
"AWS CodeDeploy",
"codedeploy"
],
[
"Amazon CodeGuru",
"codeguru"
],
[
"Amazon CodeGuru Profiler",
"codeguru-profiler"
],
[
"Amazon CodeGuru Reviewer",
"codeguru-reviewer"
],
[
"AWS CodePipeline",
"codepipeline"
],
[
"AWS CodeStar",
"codestar"
],
[
"AWS CodeStar Connections",
"codestar-connections"
],
[
"AWS CodeStar Notifications",
"codestar-notifications"
],
[
"Amazon Cognito Identity",
"cognito-identity"
],
[
"Amazon Cognito Sync",
"cognito-sync"
],
[
"Amazon Cognito User Pools",
"cognito-idp"
],
[
"Amazon Comprehend",
"comprehend"
],
[
"Comprehend Medical",
"comprehendmedical"
],
[
"Compute Optimizer",
"compute-optimizer"
],
[
"AWS Config",
"config"
],
[
"Amazon Connect",
"connect"
],
[
"AWS Connector Service",
"awsconnector"
],
[
"AWS Cost and Usage Report",
"cur"
],
[
"AWS Cost Explorer Service",
"ce"
],
[
"AWS Data Exchange",
"dataexchange"
],
[
"Amazon Data Lifecycle Manager",
"dlm"
],
[
"Data Pipeline",
"datapipeline"
],
[
"AWS Database Migration Service",
"dms"
],
[
"Database Query Metadata Service",
"dbqms"
],
[
"DataSync",
"datasync"
],
[
"AWS DeepComposer",
"deepcomposer"
],
[
"AWS DeepLens",
"deeplens"
],
[
"AWS DeepRacer",
"deepracer"
],
[
"Amazon Detective",
"detective"
],
[
"AWS Device Farm",
"devicefarm"
],
[
"AWS Direct Connect",
"directconnect"
],
[
"AWS Directory Service",
"ds"
],
[
"Amazon DynamoDB",
"dynamodb"
],
[
"Amazon DynamoDB Accelerator (DAX)",
"dax"
],
[
"Amazon EC2",
"ec2"
],
[
"Amazon EC2 Auto Scaling",
"autoscaling"
],
[
"Amazon EC2 Image Builder",
"imagebuilder"
],
[
"Amazon EC2 Instance Connect",
"ec2-instance-connect"
],
[
"AWS Elastic Beanstalk",
"elasticbeanstalk"
],
[
"Amazon Elastic Block Store",
"ebs"
],
[
"Amazon Elastic Container Registry",
"ecr"
],
[
"Amazon Elastic Container Service",
"ecs"
],
[
"Amazon Elastic Container Service for Kubernetes",
"eks"
],
[
"Amazon Elastic File System",
"elasticfilesystem"
],
[
"Amazon Elastic Inference",
"elastic-inference"
],
[
"Elastic Load Balancing",
"elasticloadbalancing"
],
[
"Elastic Load Balancing V2",
"elasticloadbalancing"
],
[
"Amazon Elastic MapReduce",
"elasticmapreduce"
],
[
"Amazon Elastic Transcoder",
"elastictranscoder"
],
[
"Amazon ElastiCache",
"elasticache"
],
[
"Amazon Elasticsearch Service",
"es"
],
[
"AWS Elemental Appliances and Software",
"elemental-appliances-software"
],
[
"AWS Elemental MediaConnect",
"mediaconnect"
],
[
"AWS Elemental MediaConvert",
"mediaconvert"
],
[
"AWS Elemental MediaLive",
"medialive"
],
[
"AWS Elemental MediaPackage",
"mediapackage"
],
[
"AWS Elemental MediaPackage VOD",
"mediapackage-vod"
],
[
"AWS Elemental MediaStore",
"mediastore"
],
[
"AWS Elemental MediaTailor",
"mediatailor"
],
[
"Amazon EventBridge",
"events"
],
[
"Amazon EventBridge Schemas",
"schemas"
],
[
"AWS Firewall Manager",
"fms"
],
[
"Amazon Forecast",
"forecast"
],
[
"Amazon Fraud Detector",
"frauddetector"
],
[
"Amazon FreeRTOS",
"freertos"
],
[
"Amazon FSx",
"fsx"
],
[
"Amazon GameLift",
"gamelift"
],
[
"Amazon Glacier",
"glacier"
],
[
"AWS Global Accelerator",
"globalaccelerator"
],
[
"AWS Glue",
"glue"
],
[
"AWS Ground Station",
"groundstation"
],
[
"Amazon GroundTruth Labeling",
"groundtruthlabeling"
],
[
"Amazon GuardDuty",
"guardduty"
],
[
"AWS Health APIs and Notifications",
"health"
],
[
"Amazon Honeycode",
"honeycode"
],
[
"IAM Access Analyzer",
"access-analyzer"
],
[
"Identity And Access Management",
"iam"
],
[
"AWS Import Export Disk Service",
"importexport"
],
[
"Amazon Inspector",
"inspector"
],
[
"Amazon Interactive Video Service",
"ivs"
],
[
"AWS IoT",
"iot"
],
[
"AWS IoT 1-Click",
"iot1click"
],
[
"AWS IoT Analytics",
"iotanalytics"
],
[
"AWS IoT Device Tester",
"iot-device-tester"
],
[
"AWS IoT Events",
"iotevents"
],
[
"AWS IoT Greengrass",
"greengrass"
],
[
"AWS IoT SiteWise",
"iotsitewise"
],
[
"AWS IoT Things Graph",
"iotthingsgraph"
],
[
"AWS IQ",
"iq"
],
[
"AWS IQ Permissions",
"iq-permission"
],
[
"Amazon Kendra",
"kendra"
],
[
"AWS Key Management Service",
"kms"
],
[
"Amazon Keyspaces (for Apache Cassandra)",
"cassandra"
],
[
"Amazon Kinesis",
"kinesis"
],
[
"Amazon Kinesis Analytics",
"kinesisanalytics"
],
[
"Amazon Kinesis Analytics V2",
"kinesisanalytics"
],
[
"Amazon Kinesis Firehose",
"firehose"
],
[
"Amazon Kinesis Video Streams",
"kinesisvideo"
],
[
"AWS Lake Formation",
"lakeformation"
],
[
"AWS Lambda",
"lambda"
],
[
"Launch Wizard",
"launchwizard"
],
[
"Amazon Lex",
"lex"
],
[
"AWS License Manager",
"license-manager"
],
[
"Amazon Lightsail",
"lightsail"
],
[
"Amazon Machine Learning",
"machinelearning"
],
[
"Amazon Macie",
"macie2"
],
[
"Amazon Macie Classic",
"macie"
],
[
"Manage Amazon API Gateway",
"apigateway"
],
[
"Amazon Managed Blockchain",
"managedblockchain"
],
[
"Amazon Managed Streaming for Apache Kafka",
"kafka"
],
[
"AWS Marketplace",
"aws-marketplace"
],
[
"AWS Marketplace Catalog",
"aws-marketplace"
],
[
"AWS Marketplace Entitlement Service",
"aws-marketplace"
],
[
"AWS Marketplace Image Building Service",
"aws-marketplace"
],
[
"AWS Marketplace Management Portal",
"aws-marketplace-management"
],
[
"AWS Marketplace Metering Service",
"aws-marketplace"
],
[
"AWS Marketplace Procurement Systems Integration",
"aws-marketplace"
],
[
"Amazon Mechanical Turk",
"mechanicalturk"
],
[
"Amazon Message Delivery Service",
"ec2messages"
],
[
"AWS Migration Hub",
"mgh"
],
[
"Amazon Mobile Analytics",
"mobileanalytics"
],
[
"AWS Mobile Hub",
"mobilehub"
],
[
"Amazon MQ",
"mq"
],
[
"Amazon Neptune",
"neptune-db"
],
[
"Network Manager",
"networkmanager"
],
[
"AWS OpsWorks",
"opsworks"
],
[
"AWS OpsWorks Configuration Management",
"opsworks-cm"
],
[
"AWS Organizations",
"organizations"
],
[
"AWS Outposts",
"outposts"
],
[
"AWS Performance Insights",
"pi"
],
[
"Amazon Personalize",
"personalize"
],
[
"Amazon Pinpoint",
"mobiletargeting"
],
[
"Amazon Pinpoint Email Service",
"ses"
],
[
"Amazon Pinpoint SMS and Voice Service",
"sms-voice"
],
[
"Amazon Polly",
"polly"
],
[
"AWS Price List",
"pricing"
],
[
"AWS Private Marketplace",
"aws-marketplace"
],
[
"AWS Purchase Orders Console",
"purchase-orders"
],
[
"Amazon QLDB",
"qldb"
],
[
"Amazon QuickSight",
"quicksight"
],
[
"Amazon RDS",
"rds"
],
[
"Amazon RDS Data API",
"rds-data"
],
[
"Amazon RDS IAM Authentication",
"rds-db"
],
[
"Amazon Redshift",
"redshift"
],
[
"Amazon Rekognition",
"rekognition"
],
[
"AWS Resource Access Manager",
"ram"
],
[
"Amazon Resource Group Tagging API",
"tag"
],
[
"AWS Resource Groups",
"resource-groups"
],
[
"AWS RoboMaker",
"robomaker"
],
[
"Amazon Route 53",
"route53"
],
[
"Amazon Route 53 Resolver",
"route53resolver"
],
[
"Amazon Route53 Domains",
"route53domains"
],
[
"Amazon S3",
"s3"
],
[
"Amazon SageMaker",
"sagemaker"
],
[
"AWS Savings Plans",
"savingsplans"
],
[
"AWS Secrets Manager",
"secretsmanager"
],
[
"AWS Security Hub",
"securityhub"
],
[
"AWS Security Token Service",
"sts"
],
[
"AWS Server Migration Service",
"sms"
],
[
"AWS Serverless Application Repository",
"serverlessrepo"
],
[
"AWS Service Catalog",
"servicecatalog"
],
[
"Service Quotas",
"servicequotas"
],
[
"Amazon SES",
"ses"
],
[
"Amazon Session Manager Message Gateway Service",
"ssmmessages"
],
[
"AWS Shield",
"shield"
],
[
"Amazon Simple Workflow Service",
"swf"
],
[
"Amazon SimpleDB",
"sdb"
],
[
"AWS Snowball",
"snowball"
],
[
"Amazon SNS",
"sns"
],
[
"Amazon SQS",
"sqs"
],
[
"AWS SSO",
"sso"
],
[
"AWS SSO Directory",
"sso-directory"
],
[
"AWS Step Functions",
"states"
],
[
"Amazon Storage Gateway",
"storagegateway"
],
[
"Amazon Sumerian",
"sumerian"
],
[
"AWS Support",
"support"
],
[
"AWS Systems Manager",
"ssm"
],
[
"AWS Tag Editor",
"resource-explorer"
],
[
"Amazon Textract",
"textract"
],
[
"Amazon Transcribe",
"transcribe"
],
[
"AWS Transfer for SFTP",
"transfer"
],
[
"Amazon Translate",
"translate"
],
[
"AWS Trusted Advisor",
"trustedadvisor"
],
[
"AWS WAF",
"waf"
],
[
"AWS WAF Regional",
"waf-regional"
],
[
"AWS WAF V2",
"wafv2"
],
[
"AWS Well-Architected Tool",
"wellarchitected"
],
[
"Amazon WorkDocs",
"workdocs"
],
[
"Amazon WorkLink",
"worklink"
],
[
"Amazon WorkMail",
"workmail"
],
[
"Amazon WorkMail Message Flow",
"workmailmessageflow"
],
[
"Amazon WorkSpaces",
"workspaces"
],
[
"Amazon WorkSpaces Application Manager",
"wam"
],
[
"AWS X-Ray",
"xray"
]
]