Skip to content
Permalink
Browse files

Describe minimum required IAM policy for testing piculet

  • Loading branch information...
eagletmt committed Mar 27, 2016
1 parent e2afaec commit 6ef55ec9c5390ea870c8c589a5b30b2caf33c150
Showing with 43 additions and 0 deletions.
  1. +43 −0 README.md
@@ -289,3 +289,46 @@ end

## Similar tools
* [Codenize.tools](http://codenize.tools/)

## For piculet developers
### Minimum required IAM policy to run tests

```ruby
user 'piculet', path: '/' do
policy 'piculet' do
{
'Version' => '2012-10-17',
'Statement' => [
{
'Effect' => 'Allow',
'Action' => [
'ec2:CreateSecurityGroup',
'ec2:CreateTags',
'ec2:DeleteTags',
'ec2:DescribeSecurityGroups',
'ec2:DescribeTags',
'iam:GetUser',
],
'Resource' => '*',
},
{
'Effect' => 'Allow',
'Action' => [
'ec2:AuthorizeSecurityGroupEgress',
'ec2:AuthorizeSecurityGroupIngress',
'ec2:DeleteSecurityGroup',
'ec2:RevokeSecurityGroupEgress',
'ec2:RevokeSecurityGroupIngress',
],
'Resource' => '*',
'Condition' => {
'StringEquals' => {
'ec2:Vpc' => "arn:aws:ec2:#{ENV['TEST_AWS_REGION']}:#{ENV['TEST_OWNER_ID']}:vpc/#{ENV['TEST_VPC_ID']}",
},
},
},
],
}
end
end
```

0 comments on commit 6ef55ec

Please sign in to comment.
You can’t perform that action at this time.