Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-4726

Add element to minimum access policy for provisioning

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Done
    • Icon: Blocker - P1 Blocker - P1
    • v1.3.17
    • None
    • Cloud Manager
    • None

    Description

      add `DescribeVpcAttribute` to the minimum access policy so it looks like

      {
        "Statement": [
          {
            "Effect": "Allow",
            "Action": ["iam:*AccessKey*", "iam:GetUser"],
            "Resource": ["*"]
          },
          {
            "Effect": "Allow",
            "Action": [
              "ec2:AttachVolume",
              "ec2:AuthorizeSecurityGroupIngress",
              "ec2:CreateKeyPair",
              "ec2:CreateSecurityGroup",
              "ec2:CreateTags",
              "ec2:CreateVolume",
              "ec2:DeleteKeyPair",
              "ec2:DeleteSecurityGroup",
              "ec2:DeleteTags",
              "ec2:DeleteVolume",
              "ec2:DescribeAccountAttributes",
              "ec2:DescribeAvailabilityZones",
              "ec2:DescribeInstanceAttribute",
              "ec2:DescribeInstanceStatus",
              "ec2:DescribeInstances",
              "ec2:DescribeKeyPairs",
              "ec2:DescribeRegions",
              "ec2:DescribeSecurityGroups",
              "ec2:DescribeSubnets",
              "ec2:DescribeTags",
              "ec2:DescribeVpcs",
              "ec2:DescribeVpcAttribute",
              "ec2:DescribeVolumeStatus",
              "ec2:DescribeVolumes",
              "ec2:DescribeVolumeAttribute",
              "ec2:ImportKeyPair",
              "ec2:RunInstances",
              "ec2:StartInstances",
              "ec2:StopInstances",
              "ec2:RebootInstances",
              "ec2:TerminateInstances"
            ],
            "Resource": [
              "*"
            ]
          }
        ]
      }

      Attachments

        Activity

          People

            sam.kleinman Sam Kleinman (Inactive)
            cadran.cowansage Cadran Cowansage
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              9 years, 3 weeks, 5 days ago