I got tired of snorkeling thought my posts or the internet to figure out which policy is required to perform actions when using AWS.
Best practice is to create groups, attach the policy to the group and then add users to that group, thats not what Im doing here because I want to intentionally simplify the process for myself and just focus on the built in policy or policy I need to create to perform an action.
Additionally, these are full access policys, you should use principle of least privilege (PoLP), so when building production systems, dont use *FullAccess, instead attach policys relavant to the action and nothing else.
Lastly, because I said Additionally already, dont create one IAM with all this access, be specific and only grant thing relavant for the action. Sounds like Single Responsibility from SOLID right?
As I need access to things, I will update this post.
AWS Lightsail
No policy exists that I could find, so I created my own and attached permissions
1 | CarlLightsailFullAccess -> added permission `Lightsail` -> `Full Access` |
- Also see AWS Lightsail
ECR (Amazon Elastic Container Registry)
1 | AmazonEC2ContainerRegistryFullAccess |
Route 53 (DNS & Hosted Zones)
1 | AmazonRoute53FullAccess |
AWS S3 (Cloud Object Storage)
1 | AmazonS3FullAccess |
Cloud Formation (Create infastructure)
1 | AWSCloudFormationFullAccess |