AWS Integrator Charm

[Documentation] What permissions does the charm need in AWS?

Bug #2003800 reported by Adam Dyess on 2023-01-24

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	AWS Integrator Charm	New	Undecided	Unassigned

Bug Description

The aws-integrator charms makes attempts to create/modify elements within a users AWS Cloud, but many errors can occur when the token provided to the charm doesn't have the permissions necessary to enact the change in the cloud.

Can the charm docs offer guidance to which permissions are necessary so the charm can perform its duty?

Revision history for this message

Adam Dyess (addyess) wrote on 2023-01-24:

token permissions require AmazonEC2FullAccess plus the following.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iam:AttachRolePolicy",
                "iam:CreateRole",
                "iam:PassRole",
                "iam:CreatePolicy",
                "iam:PutRolePolicy",
                "iam:CreateInstanceProfile",
                "iam:AddRoleToInstanceProfile"
            ],
            "Resource": "*"
        }
    ]

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #2003684

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.