From 49543aca619f37575c9b8c5796bb29bd1ea66ab8 Mon Sep 17 00:00:00 2001
From: Justin Santa Barbara <justin@fathomdb.com>
Date: Thu, 2 Apr 2015 11:00:36 -0700
Subject: [PATCH] Update IAM permissions for minion, to allow EBS

---
 .../templates/iam/kubernetes-minion-policy.json   | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/cluster/aws/templates/iam/kubernetes-minion-policy.json b/cluster/aws/templates/iam/kubernetes-minion-policy.json
index 635ff1f67e0..32453443a40 100644
--- a/cluster/aws/templates/iam/kubernetes-minion-policy.json
+++ b/cluster/aws/templates/iam/kubernetes-minion-policy.json
@@ -7,6 +7,21 @@
       "Resource": [
         "arn:aws:s3:::kubernetes-*"
       ]
+    },
+    {
+      "Effect": "Allow",
+      "Action": "ec2:Describe*",
+      "Resource": "*"
+    },
+    {
+      "Effect": "Allow",
+      "Action": "ec2:AttachVolume",
+      "Resource": "*"
+    },
+    {
+      "Effect": "Allow",
+      "Action": "ec2:DetachVolume",
+      "Resource": "*"
     }
   ]
 }