Aws-chroot IAM permission policy sample


I’m looking for a sample permissions policy, specific to using the “aws-chroot” image builder. Our security department needs a policy example to review before we can start using aws-chroot builder.

The ebs-backed builder sample policy is nice, but the benefit of the aws-chroot builder is it requires only a fraction of the allowable permissions . Thank you

Any suggestions? Was hoping someone would have a generic policy I could build from.