File tree Expand file tree Collapse file tree 2 files changed +14
-4
lines changed
modules/aws/vendor-access/files Expand file tree Collapse file tree 2 files changed +14
-4
lines changed Original file line number Diff line number Diff line change 77 " Action"
88 " acm:*"
99 " autoscaling:*"
10+ " cloudwatch:*"
1011 " cognito-idp:*"
1112 " dynamodb:*"
1213 " ec2:*"
1718 " iam:List*"
1819 " kms:*"
1920 " logs:*"
21+ " pricing:*"
2022 " route53:*"
23+ " route53domains:*"
2124 " s3:*"
2225 " servicequotas:*"
2326 " shield:*"
24- " support:*"
27+ " sqs:*"
28+ " ssm:*"
2529 " sts:*"
30+ " support:*"
2631 " waf-regional:*"
2732 " wafv2:*"
2833 ],
3641 " iam:CreateOpenIDConnectProvider"
3742 " iam:CreateServiceLinkedRole"
3843 " iam:CreatePolicy*"
44+ " iam:CreateInstanceProfile"
3945 " iam:DeleteInstanceProfile"
4046 " iam:DeleteOpenIDConnectProvider"
4147 " iam:DeletePolicy*"
9197 }
9298 },
9399 {
94- " Sid" " RestrictPassRoleToEKS "
100+ " Sid" " RestrictPassRole "
95101 " Effect" " Allow"
96102 " Action"
97103 " iam:PassRole"
98104 ],
99105 " Resource"
100106 " arn:${partition}:iam::${account_id}:role/${cluster_pattern}"
101- " arn:${partition}:iam::${account_id}:role/StreamNative/${cluster_pattern} "
107+ " arn:${partition}:iam::${account_id}:role/StreamNative/* "
102108 ],
103109 " Condition"
104110 " StringEquals"
105- " iam:PassedToService" " eks.amazonaws.com"
111+ " iam:PassedToService"
112+ " ec2.amazonaws.com"
113+ " eks.amazonaws.com"
114+ ]
106115 }
107116 }
108117 },
Original file line number Diff line number Diff line change 194194 " iam:AddRoleToInstanceProfile"
195195 " iam:CreateRole"
196196 " iam:CreatePolicy*"
197+ " iam:CreateInstanceProfile"
197198 " iam:DeleteInstanceProfile"
198199 " iam:DeleteOpenIDConnectProvider"
199200 " iam:DeleteRole*"
You can’t perform that action at this time.
0 commit comments