When you sign up and verify your email you will see the provided CloudFormation template found here for auditing of IAM permissions:
https://vantage-public.s3.amazonaws.com/x-account-role-creat...
The list of permissions is a whittled-down version of what's available in the AWS managed policy of "ReadOnlyAccess" and doesn't allow us to do things like read from S3 Buckets or read from RDS instances. Basically just List/Describe actions.
IAM permissions are written about more here in our documentation and are ultimately handled gracefully if you want to remove some. For example, if you just want to hand Vantage access to billing, S3 and EC2, it will do the job as best it can with just those permissions: https://docs.vantage.sh/permissions/
Finally, here's a blog post on our cross account IAM setup: https://www.vantage.sh/blog/how-vantage-uses-cross-account-i...
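One way to run the audit described above: an added example, not Vantage's code, that flags every allowed action in an IAM policy document that is not a List/Describe call. The sample policy is constructed for illustration and is not the contents of the linked template; the function and constant names are hypothetical.

```python
import json

# Verb prefixes accepted as metadata-only, per the "just List/Describe" description.
ALLOWED_PREFIXES = ("list", "describe")

# Constructed sample policy (assumption): NOT the policy from the linked template.
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["ec2:DescribeInstances", "s3:ListAllMyBuckets"], "Resource": "*"},
    {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "*"},
    {"Effect": "Allow", "Action": ["rds:Describe*", "ec2:*"], "Resource": "*"},
    {"Effect": "Allow", "NotAction": "iam:*", "Resource": "*"},
    {"Effect": "Deny", "Action": "s3:DeleteBucket", "Resource": "*"}
  ]
}
""")

def as_list(value):
    """IAM allows Statement/Action to be a single item or a list; normalise to a list."""
    if value is None:
        return []
    return list(value) if isinstance(value, list) else [value]

def is_list_or_describe(action):
    """True only if the verb starts with an allowed prefix (IAM actions are case-insensitive).
    A wildcard is accepted only after the prefix: 'rds:Describe*' passes, 'ec2:*' does not."""
    if ":" not in action:
        return False  # bare "*" or malformed action
    verb = action.split(":", 1)[1].lower()
    return verb.startswith(ALLOWED_PREFIXES)

def audit_policy(policy):
    """Return (statement_index, offending_item) for every Allow that exceeds List/Describe."""
    findings = []
    for index, stmt in enumerate(as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot grant access
        if "NotAction" in stmt:
            # Allow + NotAction grants everything except the listed actions.
            findings.append((index, "NotAction"))
        for action in as_list(stmt.get("Action")):
            if not is_list_or_describe(action):
                findings.append((index, action))
    return findings

if __name__ == "__main__":
    for index, item in audit_policy(SAMPLE_POLICY):
        print(f"statement {index}: review {item}")
```

To check a real template, pass each `PolicyDocument` from its IAM role or policy resources to `audit_policy` after converting the template to JSON.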