The following AWS Managed Policies can be attached to the principal used to run Scout in order to grant the necessary permissions: