Permissions

The AWS CIS v3.0.0 - Section 1 - Identity and Access Management policy pack requires 18 permissions:

• ec2:AssociateIamInstanceProfile
• ec2:DescribeIamInstanceProfileAssociations
• ec2:ReplaceIamInstanceProfileAssociation
• iam:CreatePolicyVersion
• iam:DeleteAccessKey
• iam:DeleteGroupPolicy
• iam:DeleteLoginProfile
• iam:DeletePolicyVersion
• iam:DeleteRolePolicy
• iam:DeleteServerCertificate
• iam:DeleteUserPolicy
• iam:DetachUserPolicy
• iam:ListPolicyVersions
• iam:PutGroupPolicy
• iam:PutRolePolicy
• iam:PutUserPolicy
• iam:UpdateAccessKey
• iam:UpdateAccountPasswordPolicy