On December 7, 2023, we discontinued version 1 DataSync agents. Check the Agents page on the DataSync console to see if you have affected agents. If you do, replace those agents or delete them if they aren't in use. If you need more help, contact AWS Support
Identity and access management in AWS DataSync
AWS uses security credentials to identify you and to grant you access to your AWS resources. You can use features of AWS Identity and Access Management (IAM) to allow other users, services, and applications to use your AWS resources fully or in a limited way, without sharing your security credentials.
By default, IAM identities (users, groups, and roles) don't have permission to create, view, or modify AWS resources. To allow users, groups, and roles to access AWS DataSync resources and interact with the DataSync console and API, we recommend that you use an IAM policy that grants them permission to use the specific resources and API actions that they will need. You then attach the policy to the IAM identity that requires access. For an overview of the basic elements for a policy, see Access management for AWS DataSync.
Topics
- Access management for AWS DataSync
- AWS managed policies for AWS DataSync
- IAM customer managed policies for AWS DataSync
- Using service-linked roles for AWS DataSync
- Granting permission to tag AWS DataSync resources during creation
- Cross-service confused deputy prevention
- DataSync API permissions: Actions and resources
