From 0b93f74895fc87a7a414b62c75f8a538198b78c2 Mon Sep 17 00:00:00 2001 From: Matthias Pigulla Date: Thu, 7 Apr 2016 12:08:29 +0200 Subject: [PATCH] Add an example IAM policy Not sure whether access could be better restricted? --- README.textile | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/README.textile b/README.textile index ff3af63..5db50bb 100644 --- a/README.textile +++ b/README.textile @@ -238,6 +238,29 @@ h1. FILES - $HOME/.my.cnf := Default values for MySQL user and password are sought here in the standard format. - $HOME/.awssecret := Default values for access key and secret access keys are sought here. Can be overridden by environment variables and command line options. +h1. IAM POLICY + +The following policy can help you to set up the IAM user or role with appropriate permissions to run this program. + +
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "1",
+            "Effect": "Allow",
+            "Action": [
+                "ec2:DeleteSnapshot",
+                "ec2:DescribeSnapshots"
+            ],
+            "Resource": [
+                "*"
+            ]
+        }
+    ]
+}
+
+ h1. SEE ALSO - Amazon EC2 := - Amazon EC2 EBS (Elastic Block Store) := - ec2-consistent-snapshot :=