Page Comparison

{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Effect": "Allow",
			"Action": [
				"ssm:ListAssociations",
				"ec2:DescribeNetworkAclsRunInstances",
				"ec2:DescribeInstanceStatusDescribeSubnets",
				"ec2:DescribeAddressesDescribeKeyPairs",
				"ec2:DescribeDhcpOptionsDescribeVpcs",
				"ec2:DescribeSnapshotsDescribeSecurityGroups",
				"ec2:DescribeVolumesDescribeSecurityGroupRules",
				"ec2:DescribeVolumeStatusAuthorizeSecurityGroupIngress",
				"ec2:DescribeVolumesModificationsCreateTags",
				"cloudwatchec2:DescribeAlarmsCreateSecurityGroup",
				"cloudwatchsns:ListMetricsListTopics",
				"iams3:ListUsersCreateBucket",
				"iam:ListAccessKeysAttachRolePolicy",
				"iam:CreateAccessKeyCreateRole",
				"ec2iam:AuthorizeSecurityGroupEgressListRoles",
				"iam:ListPolicyVersionsTagRole",
				"eksiam:ListClustersPutRolePolicy",
				"eksiam:DescribeClusterCreateInstanceProfile",
				"eksiam:ListNodegroupsAddRoleToInstanceProfile",
				"eksiam:DescribeNodegroupPassRole",
				"eksec2:DescribeAddonDescribeInstances",
				"eksec2:ListAddonsDescribeInstanceTypes",
				"eksec2:DescribeIdentityProviderConfigRunInstances",
				]"ec2:DescribeImages",
				"Resource"ec2: DescribeImageAttribute"*",
		},
		{"ec2:DescribeAvailabilityZones",
				"Effectec2:DescribeAccountAttributes":,
"Allow				"ec2:DescribeRouteTables",
				"Action": [ec2:DescribeNetworkAcls",
				"s3ec2:PutObjectDescribeInstanceStatus",
				"s3ec2:GetObjectDescribeAddresses",
			]	"ec2:DescribeDhcpOptions",
				"Resourceec2:DescribeSnapshots":,
				"arn:aws:s3:::cf-template*"
		}ec2:DescribeVolumes",
		{
			"Sid"ec2: DescribeVolumeStatus"Statement1",
				"Effect": "Allowec2:DescribeVolumesModifications",
				"Actioncloudwatch:DescribeAlarms":,
[
				"ekscloudwatch:CreateClusterListMetrics",
				"eksiam:DescribeClusterListUsers",
				"eksiam:DeleteClusterListAccessKeys",
				"eksiam:ListClustersCreateAccessKey",
				"eksec2:UpdateClusterConfigAuthorizeSecurityGroupEgress",
				"eksiam:UpdateClusterVersionListPolicyVersions",
				"eks:CreateNodegroupListClusters",
				"eks:DescribeNodegroupDescribeCluster",
				"eks:ListNodegroups",
				"eks:UpdateNodegroupConfigDescribeNodegroup",
				"eks:UpdateNodegroupVersionDescribeAddon",
				"eks:DescribeAddonVersionsListAddons",
				"eks:CreateAddonDescribeIdentityProviderConfig"
			],
				"Resource"eks:DeleteAddon" "*"
		},
		{
			"eks:DescribeAddonEffect": "Allow",
				"Action"eks:ListAddons", [
				"ekss3:UpdateAddonPutObject",
				"ekss3:AccessKubernetesApiGetObject"
			],
				"Resource"eks:ListAccessPolicies" "*"
		},
		{
			"Sid"eks:ListAccessEntries "Statement1",
				"Effect"eks:ListIdentityProviderConfigs "Allow",
				"Action"eks:DescribeAccessEntry", [
				"eks:ListPodIdentityAssociationsCreateCluster",
				"eks:ListAssociatedAccessPoliciesDescribeCluster",
				"eks:CreateAccessEntryDeleteCluster",
				"eks:AssociateAccessPolicyListClusters",
			],
			"Resource"eks: "*"
		}UpdateClusterConfig",
		{
			"Effect": "Alloweks:UpdateClusterVersion",
				"Actioneks:CreateNodegroup":,
[
				"iameks:DeleteRolePolicyDescribeNodegroup",
				"iameks:DeleteRoleListNodegroups",
				"iameks:GetRoleUpdateNodegroupConfig",
				"iameks:ListPoliciesUpdateNodegroupVersion",
				"iameks:ListAttachedRolePoliciesDescribeAddonVersions",
				"iameks:CreateServiceLinkedRoleCreateAddon",
				"iameks:RemoveRoleFromInstanceProfileDeleteAddon",
				"iameks:DeleteInstanceProfileDescribeAddon",
				"iameks:ListEntitiesForPolicyListAddons",
				"iameks:GetInstanceProfileUpdateAddon",
				"iameks:ListInstanceProfilesAccessKubernetesApi",
				"iameks:ListInstanceProfilesForRoleListAccessPolicies",
				"iameks:ListOpenIDConnectProvidersListAccessEntries",
				"iameks:GetOpenIDConnectProviderListIdentityProviderConfigs",
				"iameks:GetRolePolicyDescribeAccessEntry",
				"ec2eks:RevokeSecurityGroupIngressListPodIdentityAssociations",
				"ec2eks:DeleteSecurityGroupListAssociatedAccessPolicies",
				"ec2eks:StopInstancesCreateAccessEntry",
				"ec2eks:TerminateInstancesAssociateAccessPolicy",
			],
			"Resource"ec2:DescribeVpcAttribute" "*"
		},
		{
			"ec2:DescribeTagsEffect": "Allow",
				"Action"ec2:DescribeNetworkInterfaces", [
				"cloudformationiam:DeleteStackDeleteRolePolicy",
				"ec2iam:RevokeSecurityGroupEgressDeleteRole",
				"iam:ListRolePoliciesGetRole",
				"iam:CreatePolicyListPolicies",
				"iam:GetPolicyListAttachedRolePolicies",
				"ec2iam:DescribeInstanceAttributeCreateServiceLinkedRole",
				"iam:GetPolicyVersionRemoveRoleFromInstanceProfile",
			],
			"Resource"iam: "*"
		}DeleteInstanceProfile",
		{
			"Sid": "AdditionalPermissionsiam:ListEntitiesForPolicy",
				"Effect": "Allowiam:GetInstanceProfile",
				"Action": [iam:ListInstanceProfiles",
				"iam:DetachRolePolicyListInstanceProfilesForRole",
				"ec2iam:CreateVpcListOpenIDConnectProviders",
				"ec2iam:DeleteVpcGetOpenIDConnectProvider",
				"ec2iam:CreateSubnetGetRolePolicy",
				"ec2:DeleteSubnetRevokeSecurityGroupIngress",
				"ec2:CreateRouteTableDeleteSecurityGroup",
				"ec2:CreateRouteStopInstances",
				"ec2:AssociateRouteTableTerminateInstances",
				"ec2:ReplaceRouteTableAssociationDescribeVpcAttribute",
				"ec2:DeleteRouteTableDescribeTags",
				"ec2:CreateInternetGatewayDescribeNetworkInterfaces",
				"ec2cloudformation:AttachInternetGatewayDeleteStack",
				"ec2:AllocateAddressRevokeSecurityGroupEgress",
				"ec2iam:ReleaseAddressListRolePolicies",
				"ec2iam:CreateNatGatewayCreatePolicy",
				"ec2iam:DeleteNatGatewayGetPolicy",
				"cloudformationec2:UpdateStackDescribeInstanceAttribute",
				"cloudformationiam:DeleteChangeSetGetPolicyVersion",
				"cloudformation:DescribeChangeSet"],
				"Resource"cloudformation:ExecuteChangeSet" "*"
		},
		{
			"Sid"cloudtrail:DescribeTrails "AdditionalPermissions",
				"Effect"cloudtrail:GetTrailStatus "Allow",
				"Action"cloudtrail:GetEventSelectors", [
				"logsiam:DescribeLogGroupsDetachRolePolicy",
				"logsec2:DescribeLogStreamsCreateVpc",
				"logsec2:GetLogEventsDeleteVpc",
				"logsec2:FilterLogEventsCreateSubnet",
				"iamec2:GetUserPolicyDeleteSubnet",
				"iamec2:GetGroupPolicyCreateRouteTable",
				"iamec2:GetPolicyVersionCreateRoute",
				"ec2:CreateLaunchTemplateAssociateRouteTable",
				"ec2:DescribeLaunchTemplatesReplaceRouteTableAssociation",
				"ec2:DescribeInternetGatewaysDeleteRouteTable",
				"ec2:ModifyVpcAttributeCreateInternetGateway",
				"ec2:ModifySubnetAttributeAttachInternetGateway",
				"ec2:DescribeNatGatewaysAllocateAddress",
				"ec2:DescribeInstanceTypeOfferingsReleaseAddress",
				"ec2:DescribeEgressOnlyInternetGatewaysCreateNatGateway",
				"ec2:DescribeLaunchTemplateVersionsDeleteNatGateway",
				"ec2cloudformation:DeleteLaunchTemplateUpdateStack",
				"ekscloudformation:TagResourceDeleteChangeSet",
				"elasticloadbalancingcloudformation:CreateLoadBalancerDescribeChangeSet",
				"elasticloadbalancingcloudformation:DescribeLoadBalancersExecuteChangeSet",
				"elasticloadbalancingcloudtrail:DeleteLoadBalancerDescribeTrails",
				"elasticloadbalancingcloudtrail:CreateTargetGroupGetTrailStatus",
				"elasticloadbalancingcloudtrail:DescribeTargetGroupsGetEventSelectors",
				"elasticloadbalancinglogs:RegisterTargetsDescribeLogGroups",
				"autoscalinglogs:CreateAutoScalingGroupDescribeLogStreams",
				"autoscalinglogs:UpdateAutoScalingGroupGetLogEvents",
				"autoscalinglogs:DeleteAutoScalingGroupFilterLogEvents",
				"autoscalingiam:DescribeAutoScalingGroupsGetUserPolicy",
				"autoscalingiam:DescribeScalingActivitiesGetGroupPolicy",
				"cloudformationiam:DescribeChangeSetGetPolicyVersion",
				"cloudformationec2:ExecuteChangeSetCreateLaunchTemplate",
				"s3ec2:CreateBucketDescribeLaunchTemplates",
				"s3ec2:DeleteBucketDescribeInternetGateways",
				"s3ec2:ListBucketModifyVpcAttribute",
				"s3ec2:GetBucketLocationModifySubnetAttribute",
				"s3ec2:GetBucketPolicyDescribeNatGateways",
				"s3ec2:PutBucketPolicyDescribeInstanceTypeOfferings",
			]	"ec2:DescribeEgressOnlyInternetGateways",
				"Resource"ec2: DescribeLaunchTemplateVersions"*",
		}
	]
}		"ec2:DeleteLaunchTemplate",
				"eks:TagResource",
				"elasticloadbalancing:CreateLoadBalancer",
				"elasticloadbalancing:DescribeLoadBalancers",
				"elasticloadbalancing:DeleteLoadBalancer",
				"elasticloadbalancing:CreateTargetGroup",
				"elasticloadbalancing:DescribeTargetGroups",
				"elasticloadbalancing:RegisterTargets",
				"autoscaling:CreateAutoScalingGroup",
				"autoscaling:UpdateAutoScalingGroup",
				"autoscaling:DeleteAutoScalingGroup",
				"autoscaling:DescribeAutoScalingGroups",
				"autoscaling:DescribeScalingActivities",
				"cloudformation:DescribeChangeSet",
				"cloudformation:ExecuteChangeSet",
				"s3:CreateBucket",
				"s3:DeleteBucket",
				"s3:ListBucket",
				"s3:GetBucketLocation",
				"s3:GetBucketPolicy",
				"s3:PutBucketPolicy",
				"aws-marketplace:ViewSubscriptions",
				"ec2:DescribeKeyPairs",
				"ec2:CreateKeyPair"
			],
			"Resource": "*"
		}
	]
}

aws ec2 create-key-pair --key-name 'my-dev-key' --query 'KeyMaterial' --output text --region us-east-2 > my-dev-key.pem

chmod 400 my-dev-key.pem 

For macOS users, please grant x-install permissions by clicking the “Allow Anyway” button in the Security settings. This button is available for about an hour after you try to open the app. You can access the Security settings by choosing Apple Menu > System Settings, then clicking Privacy & Security in the sidebar.