File tree Expand file tree Collapse file tree 1 file changed +6
-4
lines changed
Expand file tree Collapse file tree 1 file changed +6
-4
lines changed Original file line number Diff line number Diff line change @@ -596,13 +596,16 @@ Resources:
596596 - !Sub " arn:${AWS::Partition}:glue:${AWS::Region}:${AWS::AccountId}:catalog"
597597 - !Sub " arn:${AWS::Partition}:glue:${AWS::Region}:${AWS::AccountId}:database/${DatabaseName}"
598598 - !Sub " arn:${AWS::Partition}:glue:${AWS::Region}:${AWS::AccountId}:table/${DatabaseName}/*"
599- - !If
600- - NeedDataBucketsKms
599+ - !If
600+ - NeedDataBucketsKms
601+ - PolicyName : " KMS"
602+ PolicyDocument :
603+ Version : " 2012-10-17"
604+ Statement :
601605 - Effect : " Allow"
602606 Action :
603607 - " kms:Decrypt"
604608 Resource : !Split [ ',', !Ref DataBucketsKmsKeysArns ]
605- - !Ref AWS::NoValue
606609
607610 KmsPolicyForCidResources :
608611 Type : AWS::IAM::Policy
@@ -617,7 +620,6 @@ Resources:
617620 - ' kms:Decrypt'
618621 Resource : !Split [ ',', !Ref DataBucketsKmsKeysArns ]
619622 Roles :
620- - !Ref LambdaInitRole
621623 - !Ref StepFunctionExecutionRole
622624 - !Ref LambdaManageGlueTableRole
623625 - !Ref GlueRole
You can’t perform that action at this time.
0 commit comments