Is there a default policy that can provide read-only access to all services with AWS? Is there are naming convention for permissions that could be followed such as "Allow" : "Get*"
in an IAM policy to achieve this type of result?
I know that AWS provides readonly policies for each service, but considering the frequency that new services are added, I'm wondering if there is an aggregate "read-all" policy that they provide?
AWS defines some policies that are available in every account. As new services are added these policies are updated so the policy always has read only access. Some of them are job function policies, some are more general.
The most relevant ones are:
These policies can be attached to a Group, User, Role, etc.