have created iam identity center, but how to access eb app from root user account in iamic?


In my root account, i have 2 pre-existing elastic beanstalk environments (with active spot instances)-- how do I access these environments (and give access to iamic managed users) through the iamic?

is it possible not to go through this rigmarole? https://repost.aws/knowledge-center/elastic-beanstalk-migration-accounts

Hello shwetha.

If you want your IAM identities created with IAM Identity Center just to access (read) your EB environments created by root account, you can attach a managed policy AWSElasticBeanstalkReadOnly.

The above policy contains below permissions:

  "Version" : "2012-10-17",
  "Statement" : [
      "Sid" : "AllowAPIs",
      "Effect" : "Allow",
      "Action" : [
      "Resource" : "*"
      "Sid" : "AllowS3",
      "Effect" : "Allow",
      "Action" : [
      "Resource" : "arn:aws:s3:::elasticbeanstalk-*"

In addition, If you want to look for more policies managed by AWS, please refer to Managing Elastic Beanstalk user policies document provided by AWS Elastic Beanstalk.


