IAM Access Policies

Review the IAM Access Policies before executing the AWS Initialization script

Registering an IAM User in gopaddle requires different permissions assigned to the IAM user/role. Please find a complete list of fine-grained, region and account specific permissions required based on the capabilities used in gopaddle.

Capability

AWS Services

IAM Permissions

Creating EKS Cluster and managed Nodegroups

VPC

🔑 https://gp-cloudformation-roles.s3.amazonaws.com/gp-vpc-policy.json

Subnet

🔑 https://gp-cloudformation-roles.s3.amazonaws.com/gp-subnet-policy.json

Gateway

🔑 https://gp-cloudformation-roles.s3.amazonaws.com/gp-gateway-policy.json

EKS and Nodegroup

🔑 https://gp-cloudformation-roles.s3.amazonaws.com/gp-eks-nodegroup-policy.json

Instance

🔑 https://gp-cloudformation-roles.s3.amazonaws.com/gp-instance-policy.json

Roles and Security Group

🔑 https://gp-cloudformation-roles.s3.amazonaws.com/gp-role-sg-policy.json

Cloudformation Template

🔑 https://gp-cloudformation-roles.s3.amazonaws.com/gp-stack-policy.json

Cloudwatch

🔑 https://gp-cloudformation-roles.s3.amazonaws.com/gp-cloudwatch-policy.json

Create Application Load Balancer

🔑 https://gp-cloudformation-roles.s3.amazonaws.com/gp-alb-policy.json

AWS ECR Registry

ECR

🔑 https://gp-cloudformation-roles.s3.amazonaws.com/gp-repository-policy.json

AWS SNS Amazon

SNS

🔑 https://gp-cloudformation-roles.s3.amazonaws.com/gp-sns-policy.json

PreviousQuickstart AWS Setup NextAWS Setup Script

Last updated 1 year ago