Feature Request: Minimum AWS Policy Template

[zombietango]

Could you provide a bare minimum IAM security policy file that can be imported into an instance and assigned to the user CloudGoat is running under? I'd rather not create a full administrator user to run this, nor do most of our corporate sandbox instances allow for such a thing anyways. If you know what specific roles/permissions are needed to run the scenarios, that would make deployment much easier. As far as I can see, the only guidance is to grant the ability to create/destroy objects, but that isn't that specific.

Thanks! We are looking forward to using this.

[ghost]

Hey @zombietango - thanks for reaching out. That's a very solid idea, and your caution in running CloudGoat is commendable!

I can't say when we'll be able to implement this, but I've added it to our internal board of product ideas. I'll also leave this issue open in case someone in the community wants to tackle this on their own.

[andrew-aiken]

The tool pike might be able to map some of the permissions out for you. The issue still remains that for most scenarios we need to create IAM users/roles with custom policies