AppKeeper uses the following IAM Role policies.
Service
- EC2
Action
- StartInstance
- StopInstances
- DescribeRegions
- DescribeInstances
- DescribeInstanceStatus
Resource
- Check "All Resources"
Service
- Systems Manager
Action
- SendCommand
- GetAutomationExecution
- StartAutomationExecution
- DescribeInstanceInformation
- GetCommandInvocation
Resource
- Check "All Resources"
Example for IAM policy(JSON)
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ssm:SendCommand",
"ssm:GetAutomationExecution",
"ssm:GetCommandInvocation",
"ssm:StartAutomationExecution",
"ssm:DescribeInstanceInformation",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:StartInstances",
"ec2:StopInstances",
"ec2:DescribeInstanceStatus"
],
"Resource": "*"
}
]
}
Comments
0 comments
Article is closed for comments.