provide sample iam policy required to run terraforming

dtan4 / terraforming

Export existing AWS resources to Terraform style (tf, tfstate) / No longer actively maintained

http://terraforming.dtan4.net/

MIT License

4.29k stars 659 forks source link

provide sample iam policy required to run terraforming #314

Closed emalloy closed 7 years ago

emalloy commented 7 years ago

I will provide this when I have time, but wanted to capture before escaped my memory.

In certain cases, one may need to run terraforming with AWS access keypair belonging to a user with a very narrow permission scope. A sandboxed user, if you will.

Feature request:

In the documentation provide the minimum iam policy required to successfully run terraforming.

dtan4 commented 7 years ago

Thank you for your proposal.

The body of IAM policy depends on resources what user wants to generate. In other words, full-access or write permission is not necessary to run Terraforming. Read-only permission (e.g. Describe*, List*) is only required (I think).