Update README to clarify permissions required for self-hosted Kuberne…

…tes and EKS
kkb0318 · Aug 12, 2024 · da98b3c · da98b3c
1 parent d445178
commit da98b3c
Showing 1 changed file with 33 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -22,7 +22,11 @@ Before you begin, ensure you have the following:
 - A running Kubernetes cluster.
 - Helm installed on your local machine.
 - AWS user credentials with appropriate permissions.
-  - The permissions should allow irsa-manager to call the necessary AWS APIs. You can find all the APIs that irsa-manager calls in the internal/aws/aws.go interfaces.
+
+  - The permissions should allow irsa-manager to call the necessary AWS APIs. The following outlines the required permissions for self-hosted Kubernetes and EKS environments.
+
+<details>
+<summary>for self-hosted</summary>
 
 ```json
 {
@@ -48,6 +52,34 @@ Before you begin, ensure you have the following:
 }
 ```
 
+</details>
+
+<details>
+<summary>for EKS</summary>
+
+```json
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "iam:CreateRole",
+        "iam:UpdateAssumeRolePolicy",
+        "iam:AttachRolePolicy",
+        "iam:DeleteRole",
+        "iam:DetachRolePolicy",
+        "iam:ListAttachedRolePolicies",
+        "sts:GetCallerIdentity"
+      ],
+      "Resource": "*"
+    }
+  ]
+}
+```
+
+</details>
+
 ## Setup
 
 Follow these steps to set up IRSA on your cluster: