Minimum AWS policy

I was wondering if anyone knows which AWS policy ONE needs to have. We would like to limit more the “EC2FullAccess” and others we have now so that the IAM can’t do more than what ONE needs.

Does anyone has already solved this? A JSON would be much appreciated :smiley:.