hello team - the documentation says to give the iAM user AdministratorAccess however due to security constraints I am unable to grant a user this level of access. Is there a list of minimum requirements for individual service permissions in order to install k8s with JuJu on AWS? Thanks in advance
No, we don’t currently have a comprehensive list (yet!). One of the reasons is that a few charms require more extensive permissions than others.
Juju accesses very few AWS services by default, however. I’ve just looked at the provider code and I believe that only write access to EC2 is required. We access storage and networking APIs via Amazon’s EC2 package.
1 Like
@mluntzel the “AmazonEC2FullAccess” policy should be sufficient. I’ve successfully added machines to a model.
[Edit: this policy allows me to successfully deploy Charmed Kubernetes on AWS: juju deploy charmed-kubernetes]
1 Like