rpherrera/cloud8-iam-policy.txt

## cloud8-iam-policy.txt
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ec2:Describe*",
                "ec2:CreateImage",
                "ec2:DeregisterImage",
                "ec2:DeleteSnapshot",
                "ec2:ModifyInstanceAttribute",
                "ec2:AssociateAddress",
                "ec2:RebootInstances",
                "ec2:StartInstances",
                "ec2:StopInstances",
                "rds:Describe*",
                "rds:Download*",
                "rds:ListTagsForResource",
                "rds:ModifyDBInstance*",
                "rds:CreateDBSnapshot*",
                "rds:DeleteDBSnapshot",
                "sns:Describe*",
                "sns:ListSubscriptions*",
                "sns:CreateTopic",
                "sns:Subscribe",
                "sns:ConfirmSubscription",
                "rds:CreateEventSubscription",
                "elasticache:Describe*",
                "elasticloadbalancing:Describe*",
                "autoscaling:Describe*",
                "cloudtrail:DescribeTrails",
                "cloudtrail:GetTrailStatus",
                "cloudtrail:Look*",
                "cloudfront:Describe*",
                "redshift:Describe*",
                "tag:get*",
                "trustedadvisor:Describe*",
                "iam:Get*",
                "iam:List*",
                "iam:Generate*",
                "route53:Get*",
                "route53:List*",
                "cloudwatch:Get*",
                "cloudwatch:List*"
            ],
            "Resource": "*"
        },
        {
            "Action": [
                "s3:ListAllMyBuckets"
            ],
            "Effect": "Allow",
            "Resource": "arn:aws:s3:::*"
        },
        {
            "Action": [
                "s3:ListBucket",
                "s3:GetBucketLocation"
            ],
            "Effect": "Allow",
            "Resource": "arn:aws:s3:::cloud8-reports"
        },
        {
            "Action": [
                "s3:GetObject"
            ],
            "Effect": "Allow",
            "Resource": "arn:aws:s3:::cloud8-reports/*"
        }
    ]
}
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Effect": "Allow",
	"Action": [
	"ec2:Describe*",
	"ec2:CreateImage",
	"ec2:DeregisterImage",
	"ec2:DeleteSnapshot",
	"ec2:ModifyInstanceAttribute",
	"ec2:AssociateAddress",
	"ec2:RebootInstances",
	"ec2:StartInstances",
	"ec2:StopInstances",
	"rds:Describe*",
	"rds:Download*",
	"rds:ListTagsForResource",
	"rds:ModifyDBInstance*",
	"rds:CreateDBSnapshot*",
	"rds:DeleteDBSnapshot",
	"sns:Describe*",
	"sns:ListSubscriptions*",
	"sns:CreateTopic",
	"sns:Subscribe",
	"sns:ConfirmSubscription",
	"rds:CreateEventSubscription",
	"elasticache:Describe*",
	"elasticloadbalancing:Describe*",
	"autoscaling:Describe*",
	"cloudtrail:DescribeTrails",
	"cloudtrail:GetTrailStatus",
	"cloudtrail:Look*",
	"cloudfront:Describe*",
	"redshift:Describe*",
	"tag:get*",
	"trustedadvisor:Describe*",
	"iam:Get*",
	"iam:List*",
	"iam:Generate*",
	"route53:Get*",
	"route53:List*",
	"cloudwatch:Get*",
	"cloudwatch:List*"
	],
	"Resource": "*"
	},
	{
	"Action": [
	"s3:ListAllMyBuckets"
	],
	"Effect": "Allow",
	"Resource": "arn:aws:s3:::*"
	},
	{
	"Action": [
	"s3:ListBucket",
	"s3:GetBucketLocation"
	],
	"Effect": "Allow",
	"Resource": "arn:aws:s3:::cloud8-reports"
	},
	{
	"Action": [
	"s3:GetObject"
	],
	"Effect": "Allow",
	"Resource": "arn:aws:s3:::cloud8-reports/*"
	}
	]
	}