The kops user will need to have the following permissions in AWS to function properly:
- AmazonEC2FullAccess
- AmazonS3FullAccess
- AmazonRoute53FullAccess
- IAMFullAccess
- AmazonVPCFullAccess
First, we are going to create a group named kops and give the needed permissions to the group. Execute the following list of commands to create a group and assign permissions:
$ aws iam create-group --group-name kops$ aws iam attach-group-policy --policy-arn $ arn:aws:iam::aws:policy/AmazonEC2FullAccess --group-name kops$ aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess --group-name kops$ aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonRoute53FullAccess --group-name kops$ aws ...
