What are the default policies available in the Wasabi Console?

What are the default policies available in the Wasabi Console?

By default, the Wasabi Console provides customers with ready to use, default policies. These policies provide different security permissions that can be combined.

To check the permissions of each policy, enter the policy editor by clicking on the policy name, as shown below:

Default Policies Provided By The Console On Account Creation

• AmazonS3FullAccess. Allows all S3 actions on all the objects/buckets.

• AmazonS3ReadOnlyAccess. Allows all S3 read actions (s3:Get* and s3:List*).

• AdministratorAccess. Allows all actions on all the resources.

• WasabiReadOnlyAccess. Allows all S3 read action and ("iam:Get*", "iam:List*", "iam:ChangePassword", "iam:*MFA*", "sts:Get*").

• WasabiWriteOnlyAccess. Allows "s3:PutObject" and "s3:AbortMultipartUpload."

• WasabiFullAccess. Allows all S3 actions, all IAM actions, and STS actions.

• WasabiAdministratorAccess. Allows all actions on all the resources.

• IAMUserChangePassword. Allow "iam:ChangePassword" and "iam:GetAccountPasswordPolicy."

• WasabiViewBillingAccess. Allows "aws-portal:ViewBilling" that enables the user to access the billing portal in read only mode.

• WasabiModifyBillingAccess. Allows "aws-portal:ModifyBilling" that enables the user to edit the billing information on the account.

To view all available actions in Wasabi, review How to Use Wasabi Policy Generator.