Here is the solution I figured out. I need two policies for this. One to allow access and one to deny for write. When I put "Describe*" I am getting access level to delete the LB as well. Bellow are the two policies.

Allow Access Purpose:

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "elasticloadbalancing:Describe*" ], "Resource": "*" } ] } 

Deny policy to disable delete and change to LB:

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Deny", "Action": [ "elasticloadbalancing:Create*", "elasticloadbalancing:Delete*", "elasticloadbalancing:Edit*", "elasticloadbalancing:Configure*" ], "Resource": "*" } ] } 

Here is the solution I figured out. Bellow is the policies.

Read only AWS LB Access Policy:

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "elasticloadbalancing:Describe*" ], "Resource": "*" } ] }