IAM Role: AWS/QLDB/Metadata
| Permission | Grant |
|---|---|
| iam:ListRoles | Metadata |
| kms:DescribeKey | Metadata |
| kms:ListAliases | Metadata |
| qldb:DescribeJournalS3Export | Metadata |
| qldb:DescribeLedger | Metadata |
| qldb:GetBlock | Metadata |
| qldb:GetDigest | Metadata |
| qldb:GetRevision | Metadata |
| qldb:ListJournalS3Exports | Metadata |
| qldb:ListJournalS3ExportsForLedger | Metadata |
| qldb:ListLedgers | Metadata |
| qldb:ListTagsForResource | Metadata |
| s3:GetBucketLocation | Metadata |
| s3:ListAllMyBuckets | Metadata |