Zeebrow / quickhost

Make a publicly available server, quickly

GNU General Public License v3.0

0 stars 0 forks source link

Document permissions required for `main.py describe` #7

Open Zeebrow opened 2 years ago

Zeebrow commented 2 years ago

Before starting, do #6 create first and see if those permissions work

Parent

Zeebrow commented 2 years ago

6 does work, but should be done with AssumeRole via STS sessions in the future. This is the policy for such a role.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "quickhostDescribe",
            "Effect": "Allow",
            "Action": [
                "iam:ListUsers",
                "iam:GetUser",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeKeyPairs",
                "ec2:DescribeInstances",
                "ec2:DescribeVpcs",
                "ec2:DescribeSubnets",
                "ec2:DescribeInternetGateways",
                "ec2:DescribeRouteTables",
                "ec2:DescribeImages"
            ],
            "Resource": "*"
        }
    ]
}

Zeebrow commented 2 years ago

Need to specify something better than "Resource": "*"