Creating an IAM Role and Policy

  1. Log in to the AWS console and create an IAM role with the name "bootstrap-VM-S3-role" or similar.

  2. Attach an IAM policy with the name bootstrap-VM-S3-policy (or similar). The policy has the following statements.

{
    "Version": "2021-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::*"
            ]
        }
    ]
}