IAM Role: AWS/MWAA/Operator
| Permission | Grant |
|---|---|
| airflow:TagResource | Operator |
| airflow:UntagResource | Operator |
| airflow:GetEnvironment | Metadata |
| airflow:ListEnvironments | Metadata |
| airflow:ListTagsForResource | Metadata |
| ec2:DescribeSecurityGroups | Metadata |
| ec2:DescribeSubnets | Metadata |
| ec2:DescribeVpcs | Metadata |
| iam:ListRoles | Metadata |
| kms:ListAliases | Metadata |
| s3:GetBucketLocation | Metadata |
| s3:ListAllMyBuckets | Metadata |
| s3:ListBucket | Metadata |