cloudtrail:LookupEvents
Literal appearances in AWS managed IAM policies. Statements that use wildcards (for example s3:*) are not counted here. This is not an IAM authorization simulation.
Policies (any)
22
Allow (Action)
20
Deny (Action)
2
NotAction
0
Index generated 4/7/2026, 3:29:24 AM. 559 policies include at least one wildcard action string (any service).
Action reference
SAR-style (unofficial)Service: AWS CloudTrail
Access level
ReadDescription
Grants permission to look up and retrieve metric data for API activity events captured by CloudTrail that create, update, or delete resources in your account
Allow (Action)
- AIDevOpsAgentAccessPolicy
- AIOpsAssistantPolicy
- AWSAuditManagerServiceRolePolicy
- AWSCloudTrailReadOnlyAccess
- AWSCloudTrail_ReadOnlyAccess
- AWSConfigUserAccess
- AWSElasticBeanstalkReadOnly
- AWSLakeFormationDataAdmin
- AdministratorAccess-AWSElasticBeanstalk
- AmazonCloudWatchEvidentlyFullAccess
- AmazonDevOpsGuruServiceRolePolicy
- AmazonEC2ContainerRegistryFullAccess
- AmazonMacieSetupRole
- AwsGlueDataBrewFullAccessPolicy
- ROSASRESupportPolicy
- ReadOnlyAccess
- SecurityAudit
- SupportUser
- SystemAdministrator
- ViewOnlyAccess
NotAction
Thanks to Ian McKay for iam-dataset (MIT), structured data derived from the AWS Service Authorization Reference. Not maintained by AWS and not guaranteed current. IAMTrail's managed policy archive is separate.
Definitions bundle generated 4/7/2026, 3:29:24 AM