End of support notice: On May 20, 2026, AWS will end support for AWS IoT Events. After May 20, 2026, you will no longer be able to access the AWS IoT Events console or AWS IoT Events resources. For more information, see [AWS IoT Events end of support](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-end-of-support.html).

# AWS IoT Events identity-based policy examples
<a name="security_iam_id-based-policy-examples"></a>

By default, users and roles don't have permission to create or modify AWS IoT Events resources. They also can't perform tasks using the AWS Management Console, AWS CLI, or AWS API. An IAM administrator must create IAM policies that grant users and roles permission to perform specific API operations on the specified resources they need. The administrator must then attach those policies to the users or groups that require those permissions.

To learn how to create an IAM identity-based policy using these example JSON policy documents, see [Creating policies on the JSON tab](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html#access_policies_create-json-editor) in the *IAM User Guide*.

**Topics**
+ [Policy best practices](security_iam_service-with-iam-policy-best-practices.md)
+ [Using the AWS IoT Events console](security_iam_id-based-policy-examples-console.md)
+ [Allow users to view their own permissions in AWS IoT Events](security_iam_id-based-policy-examples-view-own-permissions.md)
+ [Access one AWS IoT Events input](security_iam_id-based-policy-examples-access-one-input.md)
+ [View AWS IoT Events inputs based on tags](security_iam_id-based-policy-examples-view-input-tags.md)