I needed to spend some time to figure out what were the appropriate policy rules to get ice working, so it would probably be a good idea to update the doc with those informations.
From what I found:
Role 'ice' perms:
Read-only permission for S3
User 'ice' perms:
Read-only permission for *
s3: perms for "arn:aws:s3:::working_billing/*
"ec2:DescribeReservedInstancesOfferings" for *
sts:assumeRole for "arn:aws:iam::812891912463:role/ice"
Maybe that's still not enough and my ice processor will break at some point, or maybe I gave too much perms and they could be reduced further. Advices appreciated !
Hi,
I needed to spend some time to figure out what were the appropriate policy rules to get ice working, so it would probably be a good idea to update the doc with those informations.
From what I found:
Role 'ice' perms:
User 'ice' perms:
Maybe that's still not enough and my ice processor will break at some point, or maybe I gave too much perms and they could be reduced further. Advices appreciated !