jpadams/eksctl-policy

## eksctl-policy
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iam:CreateInstanceProfile",
                "iam:DeleteInstanceProfile",
                "iam:GetRole",
                "iam:GetInstanceProfile",
                "iam:RemoveRoleFromInstanceProfile",
                "iam:CreateRole",
                "iam:DeleteRole",
                "iam:AttachRolePolicy",
                "iam:PutRolePolicy",
                "iam:ListInstanceProfiles",
                "iam:AddRoleToInstanceProfile",
                "iam:ListInstanceProfilesForRole",
                "iam:PassRole",
                "iam:DetachRolePolicy",
                "iam:DeleteRolePolicy",
                "iam:GetRolePolicy",
                "iam:DeleteServiceLinkedRole",
                "iam:CreateServiceLinkedRole",
                "iam:GetOpenIDConnectProvider"
            ],
            "Resource": [
                "arn:aws:iam::<AWS-account-ID>:instance-profile/eksctl-*",
                "arn:aws:iam::<AWS-account-ID>:role/eksctl-*",
                "arn:aws:iam::<AWS-account-ID>:oidc-provider/oidc.eks.*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": "cloudformation:*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "eks:*"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "elasticloadbalancing:*"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "autoscaling:DescribeAutoScalingGroups",
                "autoscaling:DescribeLaunchConfigurations",
                "autoscaling:DescribeScalingActivities",
                "autoscaling:CreateLaunchConfiguration",
                "autoscaling:DeleteLaunchConfiguration",
                "autoscaling:UpdateAutoScalingGroup",
                "autoscaling:DeleteAutoScalingGroup",
                "autoscaling:CreateAutoScalingGroup"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "ec2:DeleteInternetGateway",
            "Resource": "arn:aws:ec2:*:*:internet-gateway/*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "ec2:AuthorizeSecurityGroupIngress",
                "ec2:DeleteSubnet",
                "ec2:DeleteTags",
                "ec2:CreateNatGateway",
                "ec2:CreateVpc",
                "ec2:AttachInternetGateway",
                "ec2:DescribeVpcAttribute",
                "ec2:DeleteRouteTable",
                "ec2:AssociateRouteTable",
                "ec2:DescribeInternetGateways",
                "ec2:CreateRoute",
                "ec2:CreateInternetGateway",
                "ec2:RevokeSecurityGroupEgress",
                "ec2:CreateSecurityGroup",
                "ec2:ModifyVpcAttribute",
                "ec2:DeleteInternetGateway",
                "ec2:DescribeRouteTables",
                "ec2:ReleaseAddress",
                "ec2:AuthorizeSecurityGroupEgress",
                "ec2:DescribeTags",
                "ec2:CreateTags",
                "ec2:DeleteRoute",
                "ec2:CreateRouteTable",
                "ec2:DetachInternetGateway",
                "ec2:DescribeNatGateways",
                "ec2:DisassociateRouteTable",
                "ec2:AllocateAddress",
                "ec2:DescribeSecurityGroups",
                "ec2:RevokeSecurityGroupIngress",
                "ec2:DeleteSecurityGroup",
                "ec2:DeleteNatGateway",
                "ec2:DeleteVpc",
                "ec2:CreateSubnet",
                "ec2:DescribeSubnets",
                "ec2:DescribeAvailabilityZones",
                "ec2:DescribeImages",
                "ec2:describeAddresses",
                "ec2:DescribeVpcs",
                "ec2:CreateLaunchTemplate",
                "ec2:DescribeLaunchTemplates",
                "ec2:RunInstances",
                "ec2:DeleteLaunchTemplate",
                "ec2:DescribeLaunchTemplateVersions",
                "ec2:DescribeImageAttribute",
                "ec2:DescribeKeyPairs",
                "ec2:ImportKeyPair"
            ],
            "Resource": "*"
        }
    ]
}
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Effect": "Allow",
	"Action": [
	"iam:CreateInstanceProfile",
	"iam:DeleteInstanceProfile",
	"iam:GetRole",
	"iam:GetInstanceProfile",
	"iam:RemoveRoleFromInstanceProfile",
	"iam:CreateRole",
	"iam:DeleteRole",
	"iam:AttachRolePolicy",
	"iam:PutRolePolicy",
	"iam:ListInstanceProfiles",
	"iam:AddRoleToInstanceProfile",
	"iam:ListInstanceProfilesForRole",
	"iam:PassRole",
	"iam:DetachRolePolicy",
	"iam:DeleteRolePolicy",
	"iam:GetRolePolicy",
	"iam:DeleteServiceLinkedRole",
	"iam:CreateServiceLinkedRole",
	"iam:GetOpenIDConnectProvider"
	],
	"Resource": [
	"arn:aws:iam::<AWS-account-ID>:instance-profile/eksctl-*",
	"arn:aws:iam::<AWS-account-ID>:role/eksctl-*",
	"arn:aws:iam::<AWS-account-ID>:oidc-provider/oidc.eks.*"
	]
	},
	{
	"Effect": "Allow",
	"Action": "cloudformation:*",
	"Resource": "*"
	},
	{
	"Effect": "Allow",
	"Action": [
	"eks:*"
	],
	"Resource": "*"
	},
	{
	"Effect": "Allow",
	"Action": [
	"elasticloadbalancing:*"
	],
	"Resource": "*"
	},
	{
	"Effect": "Allow",
	"Action": [
	"autoscaling:DescribeAutoScalingGroups",
	"autoscaling:DescribeLaunchConfigurations",
	"autoscaling:DescribeScalingActivities",
	"autoscaling:CreateLaunchConfiguration",
	"autoscaling:DeleteLaunchConfiguration",
	"autoscaling:UpdateAutoScalingGroup",
	"autoscaling:DeleteAutoScalingGroup",
	"autoscaling:CreateAutoScalingGroup"
	],
	"Resource": "*"
	},
	{
	"Effect": "Allow",
	"Action": "ec2:DeleteInternetGateway",
	"Resource": "arn:aws:ec2:::internet-gateway/*"
	},
	{
	"Effect": "Allow",
	"Action": [
	"ec2:AuthorizeSecurityGroupIngress",
	"ec2:DeleteSubnet",
	"ec2:DeleteTags",
	"ec2:CreateNatGateway",
	"ec2:CreateVpc",
	"ec2:AttachInternetGateway",
	"ec2:DescribeVpcAttribute",
	"ec2:DeleteRouteTable",
	"ec2:AssociateRouteTable",
	"ec2:DescribeInternetGateways",
	"ec2:CreateRoute",
	"ec2:CreateInternetGateway",
	"ec2:RevokeSecurityGroupEgress",
	"ec2:CreateSecurityGroup",
	"ec2:ModifyVpcAttribute",
	"ec2:DeleteInternetGateway",
	"ec2:DescribeRouteTables",
	"ec2:ReleaseAddress",
	"ec2:AuthorizeSecurityGroupEgress",
	"ec2:DescribeTags",
	"ec2:CreateTags",
	"ec2:DeleteRoute",
	"ec2:CreateRouteTable",
	"ec2:DetachInternetGateway",
	"ec2:DescribeNatGateways",
	"ec2:DisassociateRouteTable",
	"ec2:AllocateAddress",
	"ec2:DescribeSecurityGroups",
	"ec2:RevokeSecurityGroupIngress",
	"ec2:DeleteSecurityGroup",
	"ec2:DeleteNatGateway",
	"ec2:DeleteVpc",
	"ec2:CreateSubnet",
	"ec2:DescribeSubnets",
	"ec2:DescribeAvailabilityZones",
	"ec2:DescribeImages",
	"ec2:describeAddresses",
	"ec2:DescribeVpcs",
	"ec2:CreateLaunchTemplate",
	"ec2:DescribeLaunchTemplates",
	"ec2:RunInstances",
	"ec2:DeleteLaunchTemplate",
	"ec2:DescribeLaunchTemplateVersions",
	"ec2:DescribeImageAttribute",
	"ec2:DescribeKeyPairs",
	"ec2:ImportKeyPair"
	],
	"Resource": "*"
	}
	]
	}