-
|
I just managed to build and launch an However, in order to make Is there a scoped down IAM policy available somewhere with just the actions needed for |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Hi @rajivr , Thanks for reaching out. Just trying to understand the ask here, are you looking for a minimal IAM Policy which would allow you to publish and register a Bottlerocket AMI in your AWS Account? If so, I was able to do this with a policy like below: {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ebs:StartSnapshot",
"ebs:CompleteSnapshot",
"ebs:PutSnapshotBlock",
"ec2:CreateSnapshot",
"ec2:RegisterImage",
"ec2:DescribeImages",
"ec2:DescribeImageAttribute",
"ec2:DescribeSnapshotAttribute",
"ec2:DescribeSnapshots"
],
"Resource": "*"
}
]
}The command I used to test this was |
Beta Was this translation helpful? Give feedback.
-
|
Thanks @vigh-m for the reply, and apologies for the delay in responding from my side. I tested the above policy, and it works as expected. |
Beta Was this translation helpful? Give feedback.
Hi @rajivr , Thanks for reaching out. Just trying to understand the ask here, are you looking for a minimal IAM Policy which would allow you to publish and register a Bottlerocket AMI in your AWS Account?
If so, I was able to do this with a policy like below:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "ebs:StartSnapshot", "ebs:CompleteSnapshot", "ebs:PutSnapshotBlock", "ec2:CreateSnapshot", "ec2:RegisterImage", "ec2:DescribeImages", "ec2:DescribeImageAttribute", …