IAM Policy Docs #418

sean-smith · 2022-12-17T02:55:12Z

Signed-off-by: Sean Smith [email protected]

Description

Changes IAM Policy docs to scope down the required permissions.
See #384

update docs to scope down required IAM permissions needed to attach additional iam policies to a cluster

update docs to scope down required IAM permissions needed to attach additional iam policies to a cluster

Create a cluster with a policy, arn:aws:iam::aws:policy/AmazonS3FullAccess that's not allowed by the API and observed that it created successfully.

I added tests to new or existing code
I removed hardcoded strings and used our i18n solution instead (see here)
I made sure no sensitive info gets logged at any time in the codebase (see here) (e.g. no user info or details, no stacktraces, etc.)
I checked that infrastructure/update_infrastructure.sh runs without any error
I checked that npm run build builds without any error
I checked that clusters are listed correctly
I checked that a new cluster can be created (config is produced and dry run passes)
I checked that login and logout work as expected

In order to increase the likelihood of your contribution being accepted, please make sure you have read both the Contributing Guidelines and the Project Guidelines

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Signed-off-by: Sean Smith <[email protected]>

IAM Policy Docs

7ac9a92

Signed-off-by: Sean Smith <[email protected]>

mendaomn approved these changes Dec 19, 2022

View reviewed changes

sean-smith merged commit 6016d01 into aws-samples:main Dec 19, 2022

sean-smith deleted the iam-docs branch December 20, 2022 00:40