File tree Expand file tree Collapse file tree 1 file changed +3
-13
lines changed
terraform/account-wide-infrastructure/mgmt Expand file tree Collapse file tree 1 file changed +3
-13
lines changed Original file line number Diff line number Diff line change @@ -46,6 +46,9 @@ module "developer_policy" {
4646 Resource = [
4747 " ${ data . aws_s3_bucket . terraform_state . arn } /${ local . project } /prod/*"
4848 " ${ data . aws_s3_bucket . terraform_state . arn } /${ local . project } /mgmt/*"
49+ " ${ data . aws_s3_bucket . truststore . arn } /ca/prod.*"
50+ " ${ data . aws_s3_bucket . truststore . arn } /client/prod.*"
51+ " ${ data . aws_s3_bucket . truststore . arn } /server/prod.*"
4952 ]
5053 },
5154 {
@@ -100,19 +103,6 @@ module "developer_policy" {
100103 " ${ data . aws_s3_bucket . ci_logging . arn } /*"
101104 ]
102105 },
103- {
104- Action = [
105- " s3:PutObject"
106- " s3:GetObject"
107- " s3:DeleteObject"
108- ]
109- Effect = " Deny"
110- Resource = [
111- " ${ data . aws_s3_bucket . truststore . arn } /ca/prod*"
112- " ${ data . aws_s3_bucket . truststore . arn } /client/prod*"
113- " ${ data . aws_s3_bucket . truststore . arn } /server/prod*"
114- ]
115- },
116106 {
117107 Action = [
118108 " s3:GetObject"
You can’t perform that action at this time.
0 commit comments