trailofbits / algo

Is your feature request related to a problem? Please describe.
PR #14326 revealed that users following the existing comments
in the config.cfg are not instructed to change the IAM permissions.
Only the markdown doc has the information. A solution is to
modify the config.cfg to point users to reference the documentation if
they make the change from the default on-demand to spot instance.

Describe the solution you'd like
This is a better comment:

# Change instance_market_type from "on-demand" to "spot" to launch a spot
# instance. See deploy-from-ansible.md for spot's additional IAM permission

vs the existing comment:

algo/config.cfg

Lines 186 to 188 in 4bed66f

    
           # Change instance_market_type from "on-demand" to "spot" to take advantage of 
        
           # simplified spot launch options 
        
           # See https://aws.amazon.com/blogs/compute/new-amazon-ec2-spot-pricing/

The document already has the required instructions:

algo/docs/deploy-from-ansible.md

Lines 115 to 119 in 6aa177b

    
           - [instance_market_type](https://aws.amazon.com/ec2/pricing/) - Two pricing models are supported: on-demand and spot. String (Default: on-demand) 
        
             * If using spot instance types, one additional IAM permission along with the below minimum is required for deployment: 
        
               ``` 
        
                 "ec2:CreateLaunchTemplate" 
        
               ```

	# Change instance_market_type from "on-demand" to "spot" to take advantage of
	# simplified spot launch options
	# See https://aws.amazon.com/blogs/compute/new-amazon-ec2-spot-pricing/

	- [instance_market_type](https://aws.amazon.com/ec2/pricing/) - Two pricing models are supported: on-demand and spot. String (Default: on-demand)
	* If using spot instance types, one additional IAM permission along with the below minimum is required for deployment:
	```
	"ec2:CreateLaunchTemplate"
	```

Better config.cfg comment for ec2 spot requests