-
I just managed to build and launch an
However, in order to make Is there a scoped down IAM policy available somewhere with just the actions needed for |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
Hi @rajivr , Thanks for reaching out. Just trying to understand the ask here, are you looking for a minimal IAM Policy which would allow you to publish and register a Bottlerocket AMI in your AWS Account? If so, I was able to do this with a policy like below: {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ebs:StartSnapshot",
"ebs:CompleteSnapshot",
"ebs:PutSnapshotBlock",
"ec2:CreateSnapshot",
"ec2:RegisterImage",
"ec2:DescribeImages",
"ec2:DescribeImageAttribute",
"ec2:DescribeSnapshotAttribute",
"ec2:DescribeSnapshots"
],
"Resource": "*"
}
]
} The command I used to test this was |
Beta Was this translation helpful? Give feedback.
Hi @rajivr , Thanks for reaching out. Just trying to understand the ask here, are you looking for a minimal IAM Policy which would allow you to publish and register a Bottlerocket AMI in your AWS Account?
If so, I was able to do this with a policy like below: