To ensure correct access to VMware Cloud services for users in your AWS account, you must assign them specific permissions.
About this task
The following are the minimum AWS permissions needed to work correctly with VMware Cloud services. You assign these permissions to users in an individual account and in a master organization account.
AmazonEC2ReadOnlyAccess - Allows a user to collect data on Amazon Elastic Block Store (EBS) blocks and computes
AmazonS3ReadOnlyAccess - Allows a user to collect data on S3 buckets
AmazonVPCReadOnlyAccess - Allows a user to collect data on a Virtual Private Cloud (VPC)
CloudWatchLogsReadOnlyAccess - Allows a user to collect metrics from AWS
For more information on permissions in AWS, see http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions_overview.html.