ice
ice copied to clipboard
update doc with clearer explanations on iam policy
Hi,
I needed to spend some time to figure out what were the appropriate policy rules to get ice working, so it would probably be a good idea to update the doc with those informations.
From what I found:
Role 'ice' perms:
- Read-only permission for S3
User 'ice' perms:
- Read-only permission for *
- s3: perms for "arn:aws:s3:::working_billing/*
- "ec2:DescribeReservedInstancesOfferings" for *
- sts:assumeRole for "arn:aws:iam::812891912463:role/ice"
Maybe that's still not enough and my ice processor will break at some point, or maybe I gave too much perms and they could be reduced further. Advices appreciated !
+1
+1