@@ -24,32 +24,14 @@ Resources:
2424 " Statement " [
2525 {
2626 " Effect " Allow,
27- " Action " cloudformation:DescribeStacks,
28- " Resource " " *"
29- },
30- {
31- " Effect " Allow,
32- " Action " cloudformation:CreateChangeSet,
33- " Resource " " *"
34- },
35- {
36- " Effect " Allow,
37- " Action " cloudformation:DescribeChangeSet,
38- " Resource " " *"
39- },
40- {
41- " Effect " Allow,
42- " Action " cloudformation:ExecuteChangeSet,
43- " Resource " " *"
44- },
45- {
46- " Effect " Allow,
47- " Action " cloudformation:CreateStack,
48- " Resource " " *"
49- },
50- {
51- " Effect " Allow,
52- " Action " cloudformation:DeleteChangeSet,
27+ " Action " [
28+ cloudformation:CreateChangeSet,
29+ cloudformation:CreateStack,
30+ cloudformation:DeleteChangeSet,
31+ cloudformation:DescribeChangeSet,
32+ cloudformation:DescribeStacks,
33+ cloudformation:ExecuteChangeSet,
34+ ],
5335 " Resource " " *"
5436 },
5537 ]
@@ -60,17 +42,12 @@ Resources:
6042 " Statement " [
6143 {
6244 " Effect " Allow,
63- " Action " iam:UpdateAssumeRolePolicy,
64- " Resource " " *"
65- },
66- {
67- " Effect " Allow,
68- " Action " iam:GetRole,
69- " Resource " " *"
70- },
71- {
72- " Effect " Allow,
73- " Action " iam:PutRoleRole,
45+ " Action " [
46+ iam:GetRole,
47+ iam:PutRolePolicy,
48+ iam:PutRoleRole,
49+ iam:UpdateAssumeRolePolicy,
50+ ],
7451 " Resource " " *"
7552 },
7653 ]
@@ -81,47 +58,17 @@ Resources:
8158 " Statement " [
8259 {
8360 " Effect " Allow,
84- " Action " ecr:CreateRepository,
85- " Resource " " *"
86- },
87- {
88- " Effect " Allow,
89- " Action " ecr:GetAuthorizationToken,
90- " Resource " " *"
91- },
92- {
93- " Effect " Allow,
94- " Action " ecr:BatchGetImage,
95- " Resource " " *"
96- },
97- {
98- " Effect " Allow,
99- " Action " ecr:BatchCheckLayerAvailability,
100- " Resource " " *"
101- },
102- {
103- " Effect " Allow,
104- " Action " ecr:CompleteLayerUpload,
105- " Resource " " *"
106- },
107- {
108- " Effect " Allow,
109- " Action " ecr:InitiateLayerUpload,
110- " Resource " " *"
111- },
112- {
113- " Effect " Allow,
114- " Action " ecr:GetDownloadUrlForLayer,
115- " Resource " " *"
116- },
117- {
118- " Effect " Allow,
119- " Action " ecr:PutImage,
120- " Resource " " *"
121- },
122- {
123- " Effect " Allow,
124- " Action " ecr:UploadLayerPart,
61+ " Action " [
62+ ecr:BatchCheckLayerAvailability,
63+ ecr:BatchGetImage,
64+ ecr:CompleteLayerUpload,
65+ ecr:CreateRepository,
66+ ecr:GetAuthorizationToken,
67+ ecr:GetDownloadUrlForLayer,
68+ ecr:InitiateLayerUpload,
69+ ecr:PutImage,
70+ ecr:UploadLayerPart
71+ ],
12572 " Resource " " *"
12673 },
12774 ]
0 commit comments