Create IAM role with permissions only to upload to S3

[amykglen]

creating this issue to remind us to create a new IAM role in AWS with permissions only to upload to a specific S3 bucket. can be used for instances that only need AWS-CLI for that one purpose.

[saramsey]

this is for KG2, right?

[amykglen]

yep, sorry, didn't provide much info - yes, you thought of this idea when I was doing testing for plover on an instance with aws-cli set up, but that instance only really needed to be able to upload things to the rtx-kg2/rtx-kg2-versioned buckets

[saramsey]

OK, so not rtx-kg2-public, is that correct?

[amykglen]

correct

[saramsey]

OK, I have created an IAM role kg2-builder. I will send the keypair to you (@amykglen) via SMS.

[saramsey]

Amy, can you are @kvarforl please take the lead on testing out the keypair that I sent to you?

[amykglen]

yep, sounds good! thanks, Steve!

[kvarforl]

@amykglen apologies for my total silence on this issue: does it still need testing?

[amykglen]

it does! I was thinking I would test it out when I next build kg2c..

[amykglen]

confirmed this seems to work as expected! (the keypair Steve sent allows me to upload items to the kg2 S3 bucket, but not download, as was intended). thanks!