I searched extensively and could not find any documentation about what AWS API calls (or GCE, or Azure, any other external provider really) are required for step-ca to work. It would be much easier to create a user/role with minimal permissions if a list of API calls was provided.
Also, there is no documentation about the naming, tagging, or anything related to the resources created, which also makes it hard to create properly scoped policies.
Thanks!