If you want to securely control access to AWS services and resources for your users, you need to create an IAM user account. The IAM role must have the permissions for the following actions:
```
ec2:DescribeInstances
ec2:DescribeNetworkInterfaces
ec2:DetachNetworkInterface
ec2:AttachNetworkInterface
ec2:StartInstances
ec2:StopInstances
ec2:RebootInstances
ec2:DescribeAddresses
ec2:AssociateAddress
ec2:DisassociateAddress
iam:SimulatePrincipalPolicy
iam:GetRole
autoscaling:*
sns:*
sqs:*
```