From 72bd7db1e70219f4ecf4d744fda6b77775faaaca Mon Sep 17 00:00:00 2001 From: Adam Greene Date: Wed, 13 Jul 2016 15:52:47 -0700 Subject: [PATCH] [Docs] aws-ec2 -- note IAM action requirement --- website/source/docs/auth/aws-ec2.html.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/source/docs/auth/aws-ec2.html.md b/website/source/docs/auth/aws-ec2.html.md index 25879893d9..57c912124f 100644 --- a/website/source/docs/auth/aws-ec2.html.md +++ b/website/source/docs/auth/aws-ec2.html.md @@ -271,7 +271,7 @@ $ vault auth-enable aws-ec2 #### Configure the credentials required to make AWS API calls Note: the client uses the official AWS SDK and will use environment variable or -IAM role-provided credentials if available. +IAM role-provided credentials if available. The AWS credentials used require the IAM action `ec2:DescribeInstance` to be allowed. ``` $ vault write auth/aws-ec2/config/client secret_key=vCtSM8ZUEQ3mOFVlYPBQkf2sO6F/W7a5TVzrl3Oj access_key=VKIAJBRHKH6EVTTNXDHA