This repository was archived by the owner on Dec 14, 2023. It is now read-only.
This repository was archived by the owner on Dec 14, 2023. It is now read-only.
Recommendation of AWS Policy with minimum necessary permissions for irsa-operator #22
Description
Hey, nice work.
I have a question. Do you have any recommendation for aws_iam_policy_document for irsa-operator with minimum necessary permissions?
Inside the example:
data "aws_iam_policy_document" "irsa" {
statement {
sid = "irsaIam"
effect = "Allow"
actions = [
"iam:*"
]
resources = ["*"]
}
}https://github.com/VoodooTeam/irsa-operator/blob/main/_doc/example/terraform/main.tf#L116-L127
For example such permissions doesn't seem to be necessary for the operator
statement {
effect = "Deny"
actions = [
"iam:DeleteUser",
"iam:DeleteAccessKey",
"iam:ChangePassword"
]
resources = ["*"]
}thanks!