From 5eace1249c2f23af03bab9c6c9b5e63f398dcf24 Mon Sep 17 00:00:00 2001
From: Lukas Zapletal <lzap+git@redhat.com>
Date: Tue, 14 Jan 2025 18:16:03 +0100
Subject: [PATCH] docs: add missing S3 permissions

---
 README.md | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 4f8c90b4..42202959 100644
--- a/README.md
+++ b/README.md
@@ -203,7 +203,24 @@ Note that when no value is given the progress is auto-detected baed on the envir
 
 #### Prerequisites
 
-In order to successfully import an AMI into your AWS account, you need to have the [vmimport service role](https://docs.aws.amazon.com/vm-import/latest/userguide/required-permissions.html) configured on your account.
+In order to successfully import an AMI into your AWS account, you need to have the [vmimport service role](https://docs.aws.amazon.com/vm-import/latest/userguide/required-permissions.html) configured on your account with the following additional permissions:
+
+```
+{
+    "Effect": "Allow",
+    "Action": [
+        "s3:ListAllMyBuckets",
+        "s3:GetBucketAcl",
+        "s3:DeleteObject"
+    ],
+    "Resource": [
+        "arn:aws:s3:::amzn-s3-demo-import-bucket",
+        "arn:aws:s3:::amzn-s3-demo-import-bucket/*",
+        "arn:aws:s3:::amzn-s3-demo-export-bucket",
+        "arn:aws:s3:::amzn-s3-demo-export-bucket/*"
+    ]
+},
+```
 
 #### Flags