AWS cost-management documentation change
Summary
Added multiple JSON policy examples across various billing and cost management scenarios
Security assessment
Expanded IAM policy examples help implement least-privilege access controls for financial operations
Diff
diff --git a/cost-management/latest/userguide/billing-example-policies.md b/cost-management/latest/userguide/billing-example-policies.md index 8c90b8e8c..cc84e9a90 100644 --- a//cost-management/latest/userguide/billing-example-policies.md +++ b//cost-management/latest/userguide/billing-example-policies.md @@ -107,0 +108,6 @@ To explicitly deny a user access to the all Billing and Cost Management console +JSON + + +**** + + @@ -131,0 +139,6 @@ Adding this policy to a user or role will deny users access to Cost Explorer (AW +JSON + + +**** + + @@ -151,0 +166,6 @@ This policy doesn't allow any actions. Use this policy in combination with other +JSON + + +**** + + @@ -171,0 +193,6 @@ This policy allows read-only access to all of the Billing and Cost Management co +JSON + + +**** + + @@ -206,0 +235,6 @@ To allow users to modify account billing information in the Billing and Cost Man +JSON + + +**** + + @@ -223,0 +259,6 @@ To allow users to create budgets in the Billing and Cost Management console, you +JSON + + +**** + + @@ -268,0 +311,6 @@ To protect your account password, contact information, and security questions, y +JSON + + +**** + + @@ -297,0 +347,6 @@ For more information, see [ Using Bucket Policies and User Policies](https://doc +JSON + + +**** + + @@ -327,0 +384,6 @@ To allow users to use the AWS Cost Explorer API, use the following policy to gra +JSON + + +**** + + @@ -351,0 +415,6 @@ This policy allows a user to view and update using the **Cost Explorer preferenc +JSON + + +**** + + @@ -369,0 +440,6 @@ The following policy allows users to view Cost Explorer, but deny permission to +JSON + + +**** + + @@ -395,0 +473,6 @@ The following policy allows users to view Cost Explorer, but deny permission to +JSON + + +**** + + @@ -422,0 +507,6 @@ This policy allows a user to view, create, update, and delete using the **Cost E +JSON + + +**** + + @@ -442,0 +534,6 @@ The following policy allows users to view Cost Explorer, but deny permission to +JSON + + +**** + + @@ -499,0 +598,6 @@ This policy allows a user to view, create, update, and delete [reservation expir +JSON + + +**** + + @@ -519,0 +625,6 @@ The following policy allows users to view Cost Explorer, but denies permission t +JSON + + +**** + + @@ -547,0 +660,6 @@ The following policy allows users to view Cost Explorer, but denies permission t +JSON + + +**** + + @@ -576,0 +696,6 @@ To allow users read-only access to AWS Cost Anomaly Detection, use the following +JSON + + +**** + + @@ -595,0 +722,6 @@ This policy allows AWS Budgets to apply IAM policies and service control policie +JSON + + +**** + + @@ -626,0 +760,6 @@ This trust policy allows AWS Budgets to assume a role that can call other servic +JSON + + +**** + + @@ -650,0 +791,6 @@ Permissions policy +JSON + + +**** + + @@ -682,0 +830,6 @@ This policy allows IAM users to create, list, and add usage to workload estimate +JSON + + +**** + + @@ -710,0 +865,6 @@ This policy allows IAM users to create, list, and add usage and commitements to +JSON + + +**** + + @@ -736,0 +898,6 @@ This policy allows IAM users to create bill estimate and list bill estimate line +JSON + + +**** + + @@ -762,0 +931,6 @@ This policy allows IAM users to create and get rate preferences. +JSON + + +**** + + @@ -782,0 +958,6 @@ This policy allows IAM users to create, manage, and share custom billing views. +JSON + + +**** + + @@ -819,0 +1002,6 @@ This policy allows IAM users to access Cost Explorer when accessing a specific c +JSON + + +**** + +