update doc with clearer explanations on iam policy

AdrienLemaire commented 10 years ago

Hi,

I needed to spend some time to figure out what were the appropriate policy rules to get ice working, so it would probably be a good idea to update the doc with those informations.

From what I found:

Role 'ice' perms:

Read-only permission for S3

User 'ice' perms:

Read-only permission for *
s3: perms for "arn:aws:s3:::working_billing/*
"ec2:DescribeReservedInstancesOfferings" for *
sts:assumeRole for "arn:aws:iam::812891912463:role/ice"

Maybe that's still not enough and my ice processor will break at some point, or maybe I gave too much perms and they could be reduced further. Advices appreciated !

fawaf commented 10 years ago

+1

inhumantsar commented 8 years ago

+1

Teevity / ice

update doc with clearer explanations on iam policy #117