# Permissions List

> The following table includes a list of all Amazon Web Services activities, their available operations and associated permissions.

The following table includes a list of all Amazon Web Services activities, their available operations and associated permissions.

## EC2 Activities

| Activity | Operations | Permissions |
| --- | --- | --- |
| [AWSConfigureRobot](https://docs.uipath.com/activities/other/latest/it-automation/aws-configure-robot) | GetDocumentAsync  CreateDocumentAsync  CreateAssociationAsync  SendCommandAsync  DeleteDocumentAsync | ssm:GetDocument  ssm:CreateDocument  ssm:CreateAssociation  ssm:SendCommand  ssm:DeleteDocument  ssm:ListAssociations |
| [AWSCreateInstance](https://docs.uipath.com/activities/other/latest/it-automation/aws-create-instance) | RunInstancesAsync  CreateTagsAsync  DescribeInstancesAsync  DescribeInstanceAttributeAsync  DescribeImagesAsync | ec2:RunInstances  ec2:CreateTags  ec2:DescribeInstances  ec2:DescribeInstanceAttribute  ec2:DescribeImages |
| [AWSCreateInstanceFromTemplate](https://docs.uipath.com/activities/other/latest/it-automation/aws-create-instance-from-template) | RunInstancesAsync  CreateTagsAsync  DescribeInstancesAsync  DescribeInstanceAttributeAsync  DescribeImagesAsync | ec2:RunInstances  ec2:CreateTags  ec2:DescribeInstances  ec2:DescribeInstanceAttribute  ec2:DescribeImages |
| [AWSGetInstance](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-instance) | DescribeInstancesAsync  DescribeInstanceAttributeAsync  DescribeImagesAsync | ec2:DescribeInstances  ec2:DescribeInstanceAttribute  ec2:DescribeImages |
| [AWSGetInstanceList](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-instance-list) | DescribeInstancesAsync  DescribeInstanceAttributeAsync  DescribeImagesAsync | ec2:DescribeInstances  ec2:DescribeInstanceAttribute  ec2:DescribeImages |
| [AWSRebootInstance](https://docs.uipath.com/activities/other/latest/it-automation/aws-reboot-instance) | RebootInstancesAsync  DescribeInstancesAsync  DescribeInstanceAttributeAsync  DescribeImagesAsync | ec2:RebootInstances  ec2:DescribeInstances  ec2:DescribeInstanceAttribute  ec2:DescribeImages |
| [AWSRunPowerShellCommand](https://docs.uipath.com/activities/other/latest/it-automation/aws-run-power-shell-command) | GetDocumentAsync  CreateDocumentAsync  CreateAssociationAsync  SendCommandAsync  DeleteDocumentAsync  DescribeInstancesAsync  DescribeInstanceAttributeAsync  DescribeImagesAsync | ssm:GetDocument  ssm:CreateDocument  ssm:CreateAssociation  ssm:SendCommand  ssm:DeleteDocument  ec2:DescribeInstances  ec2:DescribeInstanceAttribute  ec2:DescribeImages  ssm:ListAssociations |
| [AWSStartInstance](https://docs.uipath.com/activities/other/latest/it-automation/aws-start-instance) | StartInstancesAsync  DescribeInstancesAsync  DescribeInstanceAttributeAsync  DescribeImagesAsync | ec2:StartInstances  ec2:DescribeInstances  ec2:DescribeInstanceAttribute  ec2:DescribeImages |
| [AWSStopInstance](https://docs.uipath.com/activities/other/latest/it-automation/aws-stop-instance) | StopInstancesAsync  DescribeInstancesAsync  DescribeInstanceAttributeAsync  DescribeImagesAsync | ec2:StopInstances  ec2:DescribeInstances  ec2:DescribeInstanceAttribute  ec2:DescribeImages |
| [AWSTerminateInstance](https://docs.uipath.com/activities/other/latest/it-automation/aws-terminate-instance) | TerminateInstancesAsync  DescribeInstancesAsync  DescribeInstanceAttributeAsync  DescribeImagesAsync | ec2:TerminateInstances  ec2:DescribeInstances  ec2:DescribeInstanceAttribute  ec2:DescribeImages |

## S3 Buckets Activities

| Activity | Operations | Permissions |
| --- | --- | --- |
| [AWSConfigureLoggingBucket](https://docs.uipath.com/activities/other/latest/it-automation/aws-configure-logging-bucket) | GetACLAsync  PutACLAsync  PutBucketLoggingAsync | s3:GetBucketAcl  s3:PutBucketAcl  s3:PutBucketLogging |
| [AWSConfigurePublicAccessBucket](https://docs.uipath.com/activities/other/latest/it-automation/aws-configure-public-access-bucket) | PutPublicAccessBlockAsync | s3:PutBucketPublicAccessBlock |
| [AWSCreateBucket](https://docs.uipath.com/activities/other/latest/it-automation/aws-create-bucket) | DoesS3BucketExistV2Async  PutBucketAsync  PutBucketVersioningAsync  DeleteBucketEncryptionAsync  PutBucketEncryptionAsync  PutBucketTaggingAsync  PutPublicAccessBlockAsync  ListBucketsAsync  GetBucketLocationAsync  GetBucketTaggingAsync  GetBucketVersioningAsync  GetACLAsync  GetBucketLoggingAsync  GetObjectLockConfigurationAsync  GetPublicAccessBlockAsync  GetBucketEncryptionAsync  DeleteS3BucketWithObjectsAsync | s3:GetBucketAcl  s3:CreateBucket  s3:PutBucketObjectLockConfiguration  s3:PutBucketVersioning  s3:PutEncryptionConfiguration  s3:PutEncryptionConfiguration  s3:PutBucketTagging  s3:PutBucketPublicAccessBlock  s3:ListBucket  s3:GetBucketLocation  s3:GetBucketTagging  s3:GetBucketVersioning  s3:GetBucketAcl  s3:GetBucketLogging  s3:GetBucketObjectLockConfiguration  s3:GetBucketPublicAccessBlock  s3:GetEncryptionConfiguration  s3:DeleteBucket  s3:DeleteObject |
| [AWSDeleteBucket](https://docs.uipath.com/activities/other/latest/it-automation/aws-delete-bucket) | GetBucketVersioningAsync  ListVersionsAsync  ListObjectsV2Async  DeleteObjectsAsync  DeleteBucketAsync | s3:GetBucketVersioning  s3:ListBucketVersions  s3:ListBucket  s3:DeleteObjectVersion  s3:DeleteBucket  s3:ListAllMyBuckets |
| [AWSDeleteBucketPolicy](https://docs.uipath.com/activities/other/latest/it-automation/aws-delete-bucket-policy) | DeleteBucketPolicyAsync | s3:DeleteBucketPolicy |
| [AWSEmptyBucket](https://docs.uipath.com/activities/other/latest/it-automation/aws-empty-bucket) | GetBucketVersioningAsync  ListVersionsAsync  ListObjectsV2Async  DeleteObjectsAsync | s3:GetBucketVersioning  s3:ListBucketVersions  s3:ListBucket  s3:DeleteObjectVersion |
| [AWSGetBucket](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-bucket) | DoesS3BucketExistV2Async  ListBucketsAsync  GetBucketLocationAsync  GetBucketTaggingAsync  GetACLAsync  GetBucketVersioningAsync  GetBucketLoggingAsync  GetObjectLockConfigurationAsync  GetPublicAccessBlockAsync  GetBucketEncryptionAsync | s3:GetBucketAcl  (optional) s3:ListBucket  s3:GetBucketLocation  s3:GetBucketTagging  s3:GetBucketAcl  s3:GetBucketVersioning  s3:GetBucketLogging  s3:GetBucketObjectLockConfiguration  s3:GetBucketPublicAccessBlock  s3:GetEncryptionConfiguration |
| [AWSGetBucketList](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-bucket-list) | ListBucketsAsync  GetBucketLocationAsync  GetBucketTaggingAsync  DoesS3BucketExistV2Async | s3:ListBucket  s3:GetBucketLocation  s3:GetBucketTagging  s3:GetBucketAcl |
| [AWSGetBucketPolicy](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-bucket-policy) | GetBucketPolicyAsync | s3:GetBucketPolicy |
| [AWSSetBucketPolicy](https://docs.uipath.com/activities/other/latest/it-automation/aws-set-bucket-policy) | PutBucketPolicyAsync | s3:PutBucketPolicy |
| [AWSUpdateBucket](https://docs.uipath.com/activities/other/latest/it-automation/aws-update-bucket) | DoesS3BucketExistV2Async  PutBucketVersioningAsync  DeleteBucketEncryptionAsync  PutBucketEncryptionAsync  PutBucketTaggingAsync  PutPublicAccessBlockAsync | s3:GetBucketAcl  s3:PutBucketVersioning  s3:PutEncryptionConfiguration  s3:PutEncryptionConfiguration  s3:PutBucketTagging  s3:PutBucketPublicAccessBlock |

## S3 Objects Activities

| Activity | Operations | Permissions |
| --- | --- | --- |
| [AWSCopyObject](https://docs.uipath.com/activities/other/latest/it-automation/aws-copy-object) | GetBucketLocationAsync  CopyObjectAsync | s3:GetBucketLocation  s3:GetObject  s3:PutObject |
| [AWSDeleteMultipleObjects](https://docs.uipath.com/activities/other/latest/it-automation/aws-delete-multiple-objects) | DeleteObjectsAsync | s3:DeleteObjectVersion  s3:GetObject |
| [AWSDeleteSingleObject](https://docs.uipath.com/activities/other/latest/it-automation/aws-delete-single-object) | DeleteObjectsAsync | s3:DeleteObjectVersion  s3:GetObject |
| [AWSDownloadSingleObject](https://docs.uipath.com/activities/other/latest/it-automation/aws-download-single-object) | GetObjectAsync | s3:GetObject |
| [AWSForEachObject](https://docs.uipath.com/activities/other/latest/it-automation/aws-for-each-object) | ListObjectsV2Async  GetObjectMetadataAsync  GetBucketLocationAsync  GetObjectTaggingAsync  ListVersionsAsync | s3:ListBucket  s3:GetObject  s3:ListBucketVersions  s3:GetBucketLocation  s3:GetObjectTagging  s3:ListBucketVersions |
| [AWSGetObject](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-object) | GetObjectMetadataAsync  GetBucketLocationAsync  GetObjectTaggingAsync  ListVersionsAsync | s3:ListBucketVersions  s3:GetBucketLocation  s3:GetObjectTagging  s3:GetObjectVersionTagging<sup>1</sup>  s3:ListBucketVersions  s3:GetObject |
| [AWSGetObjectACL](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-object-acl) | GetACLAsync | s3:GetObjectAcl  s3:GetObject |
| [AWSSetObjectACL](https://docs.uipath.com/activities/other/latest/it-automation/aws-set-object-acl) | GetACLAsync  PutACLAsync | s3:GetObjectAcl  s3:PutObjectAcl  s3:GetObject |
| [AWSUploadMultipleObjects](https://docs.uipath.com/activities/other/latest/it-automation/aws-upload-multiple-objects) | UploadDirectoryAsync | s3:PutObject  s3:ListBucketMultipartUploads  s3:ListMultipartUploadParts  s3:AbortMultipartUpload  s3:GetObject |
| [AWSUploadSingleObject](https://docs.uipath.com/activities/other/latest/it-automation/aws-upload-single-object) | UploadAsync  GetObjectMetadataAsync  GetBucketLocationAsync  GetObjectTaggingAsync  ListVersionsAsync  GetACLAsync  PutACLAsync | s3:GetObject  s3:PutObject  s3:PutObjectTagging  s3:PutObjectVersionTagging  s3:ListBucketVersions  s3:GetBucketLocation  s3:GetEncryptionConfiguration  s3:GetObjectTagging  s3:GetObjectVersionTagging  s3:GetObjectAcl  s3:PutObjectAcl  s3:ListBucketMultipartUploads  s3:ListMultipartUploadParts  s3:AbortMultipartUpload |

<sup>1</sup> Required only if **IncludeVersionsInfo** is set to `True`.

## IAM Group Activities

| Activity | Operations | Permissions |
| --- | --- | --- |
| [AWSAddUserToGroup](https://docs.uipath.com/activities/other/latest/it-automation/aws-add-user-to-group) | AddUserToGroupAsync | iam:AddUserToGroup |
| [AWSCreateGroup](https://docs.uipath.com/activities/other/latest/it-automation/aws-create-group) | CreateGroupAsync | iam:CreateGroup |
| [AWSDeleteGroup](https://docs.uipath.com/activities/other/latest/it-automation/aws-delete-group) | DeleteGroupAsync  GetGroupAsync  RemoveUserFromGroupAsync  ListGroupPoliciesAsync  DeleteGroupPolicyAsync  ListAttachedGroupPoliciesAsync  DetachGroupPolicyAsync | iam:DeleteGroup  iam:GetGroup  iam:RemoveUserFromGroup  iam:ListGroupPolicies  iam:DeleteGroupPolicy  iam:ListAttachedGroupPolicies  iam:DetachGroupPolicy |
| [AWSForEachGroup](https://docs.uipath.com/activities/other/latest/it-automation/aws-for-each-group) | ListGroupsAsync | iam:ListGroups |
| [AWSGetGroup](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-group) | GetGroupAsync | iam:GetGroup |
| [AWSRemoveUserFromGroup](https://docs.uipath.com/activities/other/latest/it-automation/aws-remove-user-from-group) | RemoveUserFromGroupAsync | iam:RemoveUserFromGroup |
| [AWSUpdateGroup](https://docs.uipath.com/activities/other/latest/it-automation/aws-update-group) | UpdateGroupAsync  GetGroupAsync | iam:UpdateGroup  iam:GetGroup |

## IAM Policy Activities

| Activity | Operations | Permissions |
| --- | --- | --- |
| [AWSAddRemoveInlinePolicy](https://docs.uipath.com/activities/other/latest/it-automation/aws-add-remove-inline-policy) | PutGroupPolicyAsync  DeleteGroupPolicyAsync  PutRolePolicyAsync  DeleteRolePolicyAsync  PutUserPolicyAsync  DeleteUserPolicyAsync | iam:PutGroupPolicy  iam:DeleteGroupPolicy  iam:PutRolePolicy  iam:DeleteRolePolicy  iam:PutUserPolicy  iam:DeleteUserPolicy |
| [AWSAttachDetachManagedPolicy](https://docs.uipath.com/activities/other/latest/it-automation/aws-attach-detach-managed-policy) | AttachGroupPolicyAsync  DetachGroupPolicyAsync  AttachRolePolicyAsync  DetachRolePolicyAsync  AttachUserPolicyAsync  DetachUserPolicyAsync | iam:AttachGroupPolicy  iam:DetachGroupPolicy  iam:AttachRolePolicy  iam:DetachRolePolicy  iam:AttachUserPolicy  iam:DetachUserPolicy |
| [AWSCreateManagedPolicy](https://docs.uipath.com/activities/other/latest/it-automation/aws-create-managed-policy) | CreatePolicyAsync  GetPolicyAsync  ListPolicyVersionsAsync  GetPolicyVersionAsync | iam:CreatePolicy  iam:GetPolicy  iam:ListPolicyVersions  iam:GetPolicyVersion |
| [AWSDeleteManagedPolicy](https://docs.uipath.com/activities/other/latest/it-automation/aws-delete-managed-policy) | ListEntitiesForPolicyAsync  DetachGroupPolicyAsync  DetachRolePolicyAsync  DetachUserPolicyAsync  ListPolicyVersionsAsync  GetPolicyVersionAsync  DeletePolicyVersionAsync  DeletePolicyAsync | iam:ListEntitiesForPolicy  iam:DetachGroupPolicy  iam:DetachRolePolicy  iam:DetachUserPolicy  iam:ListPolicyVersions  iam:GetPolicyVersion  iam:DeletePolicyVersion  iam:DeletePolicy |
| [AWSForEachManagedPolicy](https://docs.uipath.com/activities/other/latest/it-automation/aws-for-each-managed-policy) | ListPoliciesAsync  ListPolicyTagsAsync  ListPolicyVersionsAsync  GetPolicyVersionAsync | iam:ListPolicies  iam:ListPolicyTags  iam: ListPolicyVersions  iam;GetPolicyVersion |
| [AWSGetIAMIdentityInlinePolicies](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-iam-identity-inline-policies) | ListGroupPoliciesAsync  GetGroupPolicyAsync  ListRolePoliciesAsync  GetRolePolicyAsync  ListUserPoliciesAsync  GetUserPolicyAsync | iam:ListGroupPolicies  iam:GetGroupPolicy  iam:ListRolePolicies  iam:GetRolePolicy  iam:ListUserPolicies  iam:GetUSerPolicy |
| [AWSGetIAMIdentityManagedPolicies](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-iam-identity-managed-policies) | ListAttachedGroupPoliciesAsync  ListAttachedRolePoliciesAsync  ListAttachedUserPoliciesAsync | iam:ListAttachedGroupPolicies  iam:ListAttachedRolePolicies  iam:ListAttachedUserPolicies |
| [AWSGetIdentitiesAttachedToPolicy](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-identities-attached-to-policy) | ListEntitiesForPolicyAsync | iam:ListEntitiesForPolicy |
| [AWSGetManagedPolicy](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-managed-policy) | GetPolicyAsync  ListPolicyVersionsAsync  GetPolicyVersionAsync | iam:GetPolicy  iam:ListPolicyVersions  iam:GetPolicyVersion |
| [AWSUpdateManagedPolicy](https://docs.uipath.com/activities/other/latest/it-automation/aws-update-managed-policy) | UntagPolicyAsync  TagPolicyAsync  CreatePolicyVersionAsync  SetDefaultPolicyVersionAsync  DeletePolicyVersionAsync  GetPolicyAsync  ListPolicyVersionsAsync  GetPolicyVersionAsync | iam:UntagPolicy  iam:TagPolicy  iam:CreatePolicyVersion  iam:SetDefaultPolicyVersion  iam:DeletePolicyVersion  iam:GetPolicy  iam:ListPolicyVersions  iam:GetPolicyVersion |

## IAM Role Activities

| Activity | Operations | Permissions |
| --- | --- | --- |
| [AWSAddRoleToInstanceProfile](https://docs.uipath.com/activities/other/latest/it-automation/aws-add-role-to-instance-profile) | AddRoleToInstanceProfileAsync  GetInstanceProfileAsync  RemoveRoleFromInstanceProfileAsync | iam:AddRoleToInstanceProfile  iam:GetInstanceProfile  iam:RemoveRoleFromInstanceProfile |
| [AWSRemoveRoleFromInstanceProfile](https://docs.uipath.com/activities/other/latest/it-automation/aws-remove-role-from-instance-profile) | RemoveRoleFromInstanceProfileAsync | iam:RemoveRoleFromInstanceProfile |
| [AWSCreateRole](https://docs.uipath.com/activities/other/latest/it-automation/aws-create-role) | CreateRoleAsync  GetRoleAsync | iam:CreateRole  iam:GetRole |
| [AWSDeleteRole](https://docs.uipath.com/activities/other/latest/it-automation/aws-delete-role) | DeleteRoleAsync  ListInstanceProfilesForRoleAsync  RemoveRoleFromInstanceProfileAsync  ListRolePoliciesAsync  DeleteRolePolicyAsync  ListAttachedRolePoliciesAsync  DetachRolePolicyAsync  GetInstanceProfileAsync  DeleteInstanceProfileAsync | iam:DeleteRole  iam:ListInstanceProfilesForRole  iam:RemoveRoleFromInstanceProfile  iam:ListRolePolicies  iam:DeleteRolePolicy  iam:ListAttachedRolePolicies  iam:DetachRolePolicy  iam:GetInstanceProfile  iam:DeleteInstanceProfile |
| [AWSGetRole](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-role) | GetRoleAsync | iam:GetRole |
| [AWSUpdateRole](https://docs.uipath.com/activities/other/latest/it-automation/aws-update-role) | UpdateRoleAsync  DeleteRolePermissionsBoundaryAsync  PutRolePermissionsBoundaryAsync  UntagRoleAsync  TagRoleAsync  GetRoleAsync | iam:UpdateRole  iam:DeleteRolePermissionsBoundary  iam:PutRolePermissionsBoundary  iam:UntagRole  iam:TagRole  iam:GetRole |
| [AWSForEachRole](https://docs.uipath.com/activities/other/latest/it-automation/aws-for-each-role) | ListRolesAsync  ListRoleTagsAsync | iam:ListRoles  iam:ListRoleTags |

## IAM User Activities

| Activity | Operations | Permissions |
| --- | --- | --- |
| [AWSChangeUserPassword](https://docs.uipath.com/activities/other/latest/it-automation/aws-change-user-password) | UpdateLoginProfileAsync  AttachUserPolicyAsync | iam:UpdateLoginProfile  iam:AttachUserPolicy |
| [AWSCreateUser](https://docs.uipath.com/activities/other/latest/it-automation/aws-create-user) | CreateUserAsync  CreateLoginProfileAsync  AttachUserPolicyAsync  CreateAccessKeyAsync | iam:CreateUser  iam:CreateLoginProfile  iam:AttachUserPolicy  iam:CreateAccessKey |
| [AWSGetUser](https://docs.uipath.com/activities/other/latest/it-automation/aws-get-user) | GetUserAsync | iam:GetUser |
| [AWSDeleteUser](https://docs.uipath.com/activities/other/latest/it-automation/aws-delete-user) | DeleteUserAsync  DeleteLoginProfileAsync  ListAccessKeysAsync  DeleteAccessKeyAsync  ListSigningCertificatesAsync  DeleteSigningCertificateAsync  ListSSHPublicKeysAsync  DeleteSSHPublicKeyAsync  ListServiceSpecificCredentialsAsync  DeleteServiceSpecificCredentialAsync  ListVirtualMFADevicesAsync  DeactivateMFADeviceAsync  DeleteVirtualMFADeviceAsync  ListUserPoliciesAsync  DeleteUserPolicyAsync  ListAttachedUserPoliciesAsync  DetachUserPolicyAsync  ListGroupsForUserAsync  RemoveUserFromGroupAsync | iam:DeleteUser  iam:DeleteLoginProfile  iam:ListAccessKeys  iam:DeleteAccessKey  iam:ListSigningCertificates  iam:DeleteSigningCertificate  iam:ListSSHPublicKeys  iam:DeleteSSHPublicKey  iam:ListServiceSpecificCredentials  iam:DeleteServiceSpecificCredential  iam:ListVirtualMFADevices  iam:DeactivateMFADevice  iam:DeleteVirtualMFADevice  iam:ListUserPolicies  iam:DeleteUserPolicy  iam:ListAttachedUserPolicies  iam:DetachUserPolicy  iam:ListGroupsForUser  iam:RemoveUserFromGroup |
| [AWSUpdateUser](https://docs.uipath.com/activities/other/latest/it-automation/aws-update-user) | UpdateUserAsync  DeleteUserPermissionsBoundaryAsync  PutUserPermissionsBoundaryAsync  UntagUserAsync  TagUserAsync  GetUserAsync | iam:UpdateUser  iam:DeleteUserPermissionsBoundary  iam:PutUserPermissionsBoundary  iam:UntagUser  iam:TagUser  iam:GetUser |
| [AWSForEachUser](https://docs.uipath.com/activities/other/latest/it-automation/aws-for-each-user) | ListUsersAsync  ListUserTagsAsync | iam:ListUsers  iam:ListUserTags |
| [AWSForEachUserGroup](https://docs.uipath.com/activities/other/latest/it-automation/aws-for-each-user-group) | ListGroupsForUserAsync | iam:ListGroupsForUser |
| [AWSForEachUserInGroup](https://docs.uipath.com/activities/other/latest/it-automation/aws-for-each-user-in-group) | GetGroupAsync  ListUserTagsAsync | iam:GetGroup  iam:ListUserTags |