| cloudhsm:CreateCluster | Admin |
| cloudhsm:CreateHapg | Admin |
| cloudhsm:CreateHsm | Admin |
| cloudhsm:CreateLunaClient | Admin |
| cloudhsm:DeleteBackup | Admin |
| cloudhsm:DeleteCluster | Admin |
| cloudhsm:DeleteHapg | Admin |
| cloudhsm:DeleteHsm | Admin |
| cloudhsm:DeleteLunaClient | Admin |
| cloudhsm:GetConfig | Admin |
| cloudhsm:InitializeCluster | Admin |
| cloudhsm:RestoreBackup | Admin |
| cloudhsm:AddTagsToResource | Operator |
| cloudhsm:CopyBackupToRegion | Operator |
| cloudhsm:ModifyHapg | Operator |
| cloudhsm:ModifyHsm | Operator |
| cloudhsm:ModifyLunaClient | Operator |
| cloudhsm:RemoveTagsFromResource | Operator |
| cloudhsm:TagResource | Operator |
| cloudhsm:UntagResource | Operator |
| cloudhsm:DescribeBackups | Metadata |
| cloudhsm:DescribeClusters | Metadata |
| cloudhsm:DescribeHapg | Metadata |
| cloudhsm:DescribeHsm | Metadata |
| cloudhsm:DescribeLunaClient | Metadata |
| cloudhsm:ListAvailableZones | Metadata |
| cloudhsm:ListHapgs | Metadata |
| cloudhsm:ListHsms | Metadata |
| cloudhsm:ListLunaClients | Metadata |
| cloudhsm:ListTags | Metadata |
| cloudhsm:ListTagsForResource | Metadata |
