RhinoSecurityLabs / pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/
BSD 3-Clause "New" or "Revised" License

Updated the Wiki: The Permission Required for using Pacu. #416

Closed cheahengsoon closed 6 months ago

cheahengsoon commented 6 months ago

Hi Team,

May I request an update to the document for the permissions required in AWS when using Pacu?

  1. IAM Permissions:

    • iam:ListUsers
    • iam:ListRoles
    • iam:ListPolicies
    • iam:ListGroups
    • iam:CreateUser
    • iam:CreatePolicy
    • iam:AttachUserPolicy
    • iam:PutUserPolicy
    • iam:UpdateAssumeRolePolicy
    • iam:AttachRolePolicy
    • iam:PutRolePolicy
    • iam:CreateGroup
    • iam:AddUserToGroup
    • iam:AttachGroupPolicy
    • iam:PutGroupPolicy
    • iam:CreateLoginProfile
  2. EC2 Permissions:

    • ec2:DescribeInstances
    • ec2:RunInstances
    • ec2:StopInstances
    • ec2:TerminateInstances
    • ec2:DescribeSecurityGroups
    • ec2:AuthorizeSecurityGroupIngress
    • ec2:RevokeSecurityGroupIngress
    • ec2:DescribeKeyPairs
  3. S3 Permissions:

    • s3:ListBucket
    • s3:GetObject
    • s3:PutObject
    • s3:DeleteObject
    • s3:ListAllMyBuckets
  4. RDS Permissions:

    • rds:DescribeDBInstances
    • rds:CreateDBInstance
    • rds:DeleteDBInstance
    • rds:ModifyDBInstance
    • rds:ListTagsForResource
    • rds:AddTagsToResource
    • rds:CreateDBSnapshot
    • rds:DeleteDBSnapshot
  5. CloudTrail Permissions:

    • cloudtrail:DescribeTrails
    • cloudtrail:GetTrailStatus
    • cloudtrail:LookupEvents
  6. CloudFormation Permissions:

    • cloudformation:CreateStack
    • cloudformation:DeleteStack
    • cloudformation:DescribeStacks
  7. Lambda Permissions:

    • lambda:ListFunctions
    • lambda:CreateFunction
    • lambda:DeleteFunction
    • lambda:InvokeFunction
  8. Other Permissions:

    • sts:GetCallerIdentity
    • sns:ListTopics
    • sns:CreateTopic
    • sns:Subscribe
    • sns:Publish
    • route53:ListHostedZones
    • route53:ChangeResourceRecordSets
    • organizations:ListAccounts