I'm looking at setting up a deploy server within our VPC and am trying to use an IAM role instead of keys for Ansibles dynamic ec2.py
inventory script.
An answer at Can I use IAM Roles for Ansible says it is possible, however it does not indicate what permission are required.
I'm wondering if someone is able to provide some more details on what permissions are needed to be able to generate a dynamic inventory.
Edit: I've reviewed the docs and I think part of the solution is figuring out what permissions botos get_all_instances() needs.