@@ -82,7 +82,21 @@ Following IAM permissions are the minimum permissions needed for your IAM user o
8282 " eks:DescribeCluster"
8383 " eks:ListClusters"
8484 " eks:UpdateClusterConfig"
85+ " eks:UpdateClusterVersion"
8586 " eks:DescribeUpdate"
87+ " eks:TagResource"
88+ " eks:UntagResource"
89+ " eks:ListTagsForResource"
90+ " eks:CreateFargateProfile"
91+ " eks:DeleteFargateProfile"
92+ " eks:DescribeFargateProfile"
93+ " eks:ListFargateProfiles"
94+ " eks:CreateNodegroup"
95+ " eks:DeleteNodegroup"
96+ " eks:DescribeNodegroup"
97+ " eks:ListNodegroups"
98+ " eks:UpdateNodegroupConfig"
99+ " eks:UpdateNodegroupVersion"
86100 " iam:AddRoleToInstanceProfile"
87101 " iam:AttachRolePolicy"
88102 " iam:CreateInstanceProfile"
@@ -109,13 +123,22 @@ Following IAM permissions are the minimum permissions needed for your IAM user o
109123 " iam:PutRolePolicy"
110124 " iam:RemoveRoleFromInstanceProfile"
111125 " iam:TagRole"
126+ " iam:UntagRole"
112127 " iam:UpdateAssumeRolePolicy"
113128 // Following permissions are needed if cluster_enabled_log_types is enabled
114129 " logs:CreateLogGroup"
115130 " logs:DescribeLogGroups"
116131 " logs:DeleteLogGroup"
117132 " logs:ListTagsLogGroup"
118- " logs:PutRetentionPolicy"
133+ " logs:PutRetentionPolicy"
134+ // Following permissions for working with secrets_encryption example
135+ " kms:CreateGrant"
136+ " kms:CreateKey"
137+ " kms:DescribeKey"
138+ " kms:GetKeyPolicy"
139+ " kms:GetKeyRotationStatus"
140+ " kms:ListResourceTags"
141+ " kms:ScheduleKeyDeletion"
119142 ],
120143 "Resource" : " *"
121144 }
0 commit comments