Route 53 Policy to Change Records
Here’s the IAM policy you’ll need to change Route 53 DNS records. Substitute with your own hosted zone id.
<pre lang="bash">{
"Statement":[{
"Effect":"Allow",
"Action":["route53:ChangeResourceRecordSets"],
"Resource":"arn:aws:route53:::hostedzone/*HOSTEDZONEID*"
}
],
"Statement":[{
"Effect":"Allow",
"Action":["route53:GetChange"],
"Resource":"arn:aws:route53:::change/*"
}
]
}
Add to policy to a user.