Update detected
MAMIP Bot committed Dec 1, 2024
1 parent 0acc59e commit 7526880
Showing 3 changed files with 107 additions and 8 deletions.
99 changes: 97 additions & 2 deletions policies/AWSVpcLatticeServiceRolePolicy
@@ -1,7 +1,7 @@
{
"PolicyVersion": {
"CreateDate": "2022-11-30T20:47:10Z",
"VersionId": "v1",
"CreateDate": "2024-12-01T14:06:06Z",
"VersionId": "v2",
"Document": {
"Version": "2012-10-17",
"Statement": [
@@ -14,6 +14,101 @@
"cloudwatch:namespace": "AWS/VpcLattice"
}
}
},
{
"Action": [
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeVpcs"
],
"Resource": "*",
"Effect": "Allow",
"Sid": "VpcLatticeDescribeActions"
},
{
"Action": [
"ec2:CreateNetworkInterface"
],
"Resource": "arn:aws:ec2:*:*:network-interface/*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"aws:RequestTag/VpcLatticeManaged": "true"
}
},
"Sid": "VpcLatticeCreateNetworkInterfaceWithTag"
},
{
"Action": [
"ec2:CreateNetworkInterface"
],
"Resource": [
"arn:aws:ec2:*:*:subnet/*",
"arn:aws:ec2:*:*:security-group/*"
],
"Effect": "Allow",
"Sid": "VpcLatticeCreateNetworkInterfaceWithSubnetAndSecurityGroup"
},
{
"Action": [
"ec2:CreateTags"
],
"Resource": "arn:aws:ec2:*:*:network-interface/*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ec2:CreateAction": "CreateNetworkInterface"
}
},
"Sid": "VpcLatticeTagNetworkInterfaceActions"
},
{
"Action": [
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterface"
],
"Resource": "arn:aws:ec2:*:*:network-interface/*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"aws:ResourceTag/VpcLatticeManaged": "true"
}
},
"Sid": "VpcLatticeMutateNetworkInterfaceActions"
},
{
"Action": [
"ec2:ModifyNetworkInterfaceAttribute"
],
"Resource": "arn:aws:ec2:*:*:security-group/*",
"Effect": "Allow",
"Sid": "VpcLatticeModifyNetworkInterfaceSecurityGroup"
},
{
"Action": [
"ec2:AssignIpv6Addresses",
"ec2:UnassignIpv6Addresses",
"ec2:AssignPrivateIpAddresses",
"ec2:UnassignPrivateIpAddresses"
],
"Resource": "arn:aws:ec2:*:*:network-interface/*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"aws:ResourceTag/VpcLatticeManaged": "true"
}
},
"Sid": "VpcLatticeModifyNetworkInterfaceActionsIpAddressActions"
},
{
"Action": [
"route53:AssociateVPCWithHostedZone"
],
"Resource": "*",
"Effect": "Allow",
"Sid": "VpcLatticeAssociateHostedZoneToVpc"
}
]
},
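Review bot: `VpcLatticeAssociateHostedZoneToVpc` grants `route53:AssociateVPCWithHostedZone` on `"Resource": "*"` with no `Condition`, whereas the network-interface statements added beside it are gated on the `VpcLatticeManaged` tag. As written, the service role may associate any VPC with any private hosted zone in the account. Writing `"Resource": "arn:aws:route53:::hostedzone/*"` would not narrow the grant but would make the intended resource type explicit. Because this file mirrors an AWS-managed policy that account owners cannot edit, the practical control is to alert on CloudTrail `AssociateVPCWithHostedZone` events issued by the VPC Lattice service-linked role. The tag gates on `VpcLatticeMutateNetworkInterfaceActions` and the IP-address statement also hold only if other principals cannot set `VpcLatticeManaged=true` on arbitrary network interfaces, so `ec2:CreateTags` for that key is worth restricting elsewhere, for example in an SCP.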
8 changes: 5 additions & 3 deletions policies/VPCLatticeFullAccess
@@ -1,7 +1,7 @@
{
"PolicyVersion": {
"CreateDate": "2023-03-30T02:49:02Z",
"VersionId": "v1",
"CreateDate": "2024-12-01T14:21:06Z",
"VersionId": "v2",
"Document": {
"Version": "2012-10-17",
"Statement": [
@@ -25,7 +25,9 @@
"s3:ListAllMyBuckets",
"lambda:ListAliases",
"lambda:ListFunctions",
"lambda:ListVersionsByFunction"
"lambda:ListVersionsByFunction",
"rds:DescribeDBInstances",
"rds:DescribeDBClusters"
],
"Resource": "*",
"Effect": "Allow"
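Review bot: `rds:DescribeDBInstances` and `rds:DescribeDBClusters` are added to an action list that applies to `"Resource": "*"`, so every principal holding this policy gains account-wide RDS inventory reads. That includes endpoints, engine versions and network placement. The same two actions are added to `policies/VPCLatticeReadOnlyAccess` in this commit, where the widening is easier to miss because the policy name suggests Lattice-only visibility. The statement's opening, and any `Sid` or `Condition` it carries, lie outside the visible hunk, so this assumes no condition narrows it. Where RDS metadata is treated as sensitive, re-check who has either policy attached. If those principals should not enumerate databases, add an explicit `Deny` on `rds:DescribeDBInstances` and `rds:DescribeDBClusters` in a permissions boundary or SCP.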
8 changes: 5 additions & 3 deletions policies/VPCLatticeReadOnlyAccess
@@ -1,7 +1,7 @@
{
"PolicyVersion": {
"CreateDate": "2023-03-30T02:47:25Z",
"VersionId": "v1",
"CreateDate": "2024-12-01T14:21:06Z",
"VersionId": "v2",
"Document": {
"Version": "2012-10-17",
"Statement": [
@@ -26,7 +26,9 @@
"logs:DescribeLogGroups",
"logs:GetLogDelivery",
"logs:ListLogDeliveries",
"s3:ListAllMyBuckets"
"s3:ListAllMyBuckets",
"rds:DescribeDBInstances",
"rds:DescribeDBClusters"
],
"Resource": "*",
"Effect": "Allow"