We recommend creating a dedicated IAM account for EC2 Link. The Account should be assigned a role with the following permissions granted:

  "ec2:DescribeAddresses",

  "ec2:DescribeAvailabilityZones",

  "ec2:DescribeInstanceAttribute",

  "ec2:DescribeInstanceStatus",

  "ec2:DescribeInstances",

  "ec2:DescribeRegions",

  "ec2:DescribeTags"