Skip to content

Commit

Permalink
Update service role policy to include additional ecs, es and sqs perm…
Browse files Browse the repository at this point in the history 
…issions (#3423)

Co-authored-by: Rob Newman <[email protected]>
Co-authored-by: Sergey Fedoseev <[email protected]>
Co-authored-by: Dr. Ernie Prabhakar <[email protected]>
Co-authored-by: Dr. Ernie Prabhakar <[email protected]>
  • Loading branch information
@robnewman @sir-sigurd @drernie
5 people authored Dec 27, 2024
1 parent aa14ad8 commit 2272102
Showing 1 changed file with 9 additions and 2 deletions.
11 changes: 9 additions & 2 deletions docs/cfn-service-role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,7 @@ Resources:
- es:CreateElasticsearchDomain
- es:DeleteElasticsearchDomain
- es:DescribeElasticsearchDomain
- es:UpdateDomainConfig
- es:UpdateElasticsearchDomainConfig
- events:DeleteRule
- events:DescribeRule
Expand All @@ -156,6 +157,7 @@ Resources:
- iam:AttachRolePolicy
- iam:CreateInstanceProfile
- iam:CreatePolicy
- iam:CreatePolicyVersion
- iam:CreateRole
- iam:CreateServiceLinkedRole
- iam:DeleteInstanceProfile
Expand Down Expand Up @@ -240,7 +242,7 @@ Resources:
- servicediscovery:GetOperation
- servicediscovery:GetService
- servicediscovery:TagResource
- sns:CreateTopic*
- sns:CreateTopic
- sns:DeleteTopic
- sns:Get*
- sns:Publish # To publish to CFN notification topic.
Expand All @@ -250,8 +252,13 @@ Resources:
- sqs:CreateQueue
- sqs:DeleteQueue
- sqs:GetQueueAttributes
- sqs:GetQueueUrl
- sqs:ListDeadLetterSourceQueues
- sqs:ListQueues
- sqs:ListQueueTags
- sqs:SetQueueAttributes
- sqs:TagQueue
- ssm:AddTagsToResource
- ssm:AddTagsToResource
- ssm:DeleteParameter
- ssm:GetParameters
- ssm:PutParameter
Expand Down

0 comments on commit 2272102

Please sign in to comment.