quickhost user should manage create and describe for `init aws`

Zeebrow / quickhost

Make a publicly available server, quickly

GNU General Public License v3.0

0 stars 0 forks source link

quickhost user should manage create and describe for `init aws` #10

Closed Zeebrow closed 2 years ago

Zeebrow commented 2 years ago

policy template to get started with:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "InitDescribe",
            "Effect": "Allow",
            "Action": [
                "iam:GetUser",
                "ec2:DescribeTags",
                "ec2:DescribeVpcs",
                "ec2:DescribeSubnets",
                "ec2:DescribeRouteTables",
                "ec2:DescribeInternetGateways"
            ],
            "Resource": "*"
        },
        {
            "Sid": "InitCreate",
            "Effect": "Allow",
            "Action": [
                "ec2:CreateTags",
                "ec2:CreateVpc",
                "ec2:CreateSubnet",
                "ec2:CreateRouteTable",
                "ec2:CreateRoute",
                "ec2:AssociateRouteTable",
                "ec2:AttachInternetGateway",
                "ec2:CreateInternetGateway"
            ],
            "Resource": "*"
        }
    ]
}

Zeebrow commented 2 years ago

Notes

--profile was added as a flag to main.py init
--region was added as an optional argument to init make and destroy
Unauthorized and AccessDenied botocore exceptions are caught