From 54511ff197d66138e1cea13284779bac07b38e3b Mon Sep 17 00:00:00 2001
From: Mauricio Teixeira <1847440+badnetmask@users.noreply.github.com>
Date: Wed, 5 May 2021 07:29:06 -0400
Subject: [PATCH 1/3] update permissions for community.aws PR 565
---
 aws/policy/networking.yaml | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/aws/policy/networking.yaml b/aws/policy/networking.yaml
index e9bc8da0..9466df92 100644
--- a/aws/policy/networking.yaml
+++ b/aws/policy/networking.yaml
@@ -10,6 +10,8 @@ Statement:
 - route53:GetHostedZone
 - route53:DeleteHostedZone
 - route53:UpdateHostedZoneComment
+ - route53:ChangeTagsForResource
+ - route53:ListTagsForResource
 Resource: "*"
 - Sid: AllowRegionalUnrestrictedResourceActionsWhichIncurNoFees
 Effect: Allow
@@ -38,6 +40,7 @@ Statement:
 - ec2:CreateRouteTable
 - ec2:CreateSecurityGroup
 - ec2:CreateSubnet
+ - ec2:CreateTags
 - ec2:CreateVpc
 - ec2:CreateVpcEndpoint
 - ec2:CreateVpcPeeringConnection
@@ -71,6 +74,7 @@ Statement:
 - ec2:DescribeRouteTables
 - ec2:DescribeSecurityGroups
 - ec2:DescribeSubnets
+ - ec2:DescribeTags
 - ec2:DescribeVpcAttribute
 - ec2:DescribeVpcClassicLink
 - ec2:DescribeVpcClassicLinkDnsSupport
From dd664ea63cca66848eda616ec2cefd39705d05e3 Mon Sep 17 00:00:00 2001
From: Mauricio Teixeira <1847440+badnetmask@users.noreply.github.com>
Date: Wed, 5 May 2021 07:46:55 -0400
Subject: [PATCH 2/3] remove unnecessary permission as requested
---
 aws/policy/networking.yaml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/aws/policy/networking.yaml b/aws/policy/networking.yaml
index 9466df92..1c16b003 100644
--- a/aws/policy/networking.yaml
+++ b/aws/policy/networking.yaml
@@ -40,7 +40,6 @@ Statement:
 - ec2:CreateRouteTable
 - ec2:CreateSecurityGroup
 - ec2:CreateSubnet
- - ec2:CreateTags
 - ec2:CreateVpc
 - ec2:CreateVpcEndpoint
 - ec2:CreateVpcPeeringConnection
From 1c4f850d0ee1a3c591256ad8944f984041a46ee7 Mon Sep 17 00:00:00 2001
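Review bot: The two Route 53 tagging actions added in the `@@ -10,6 +10,8 @@` hunk of PATCH 1/3 sit in a statement whose `Resource` is `"*"`, so the CI role can change tags on every hosted zone and health check in the account, not only those a test run created. `route53:ChangeTagsForResource` and `route53:ListTagsForResource` both accept hosted-zone and health-check ARNs, so if tags are used for ownership, cleanup or cost allocation they could move to a separate statement with a narrower `Resource`; the statement already allows `route53:DeleteHostedZone` on `"*"`, so the added exposure is modest. A comment above the two lines, for example `# tagging permissions required by community.aws PR 565`, would let a later least-privilege audit trace why they were granted. The statement begins above the hunk, so its Sid and any Condition are not visible here.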
From: Mauricio Teixeira <1847440+badnetmask@users.noreply.github.com>
Date: Thu, 6 May 2021 18:52:16 -0400
Subject: [PATCH 3/3] removing another duplicate policy
---
 aws/policy/networking.yaml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/aws/policy/networking.yaml b/aws/policy/networking.yaml
index 1c16b003..75a26168 100644
--- a/aws/policy/networking.yaml
+++ b/aws/policy/networking.yaml
@@ -73,7 +73,6 @@ Statement:
 - ec2:DescribeRouteTables
 - ec2:DescribeSecurityGroups
 - ec2:DescribeSubnets
- - ec2:DescribeTags
 - ec2:DescribeVpcAttribute
 - ec2:DescribeVpcClassicLink
 - ec2:DescribeVpcClassicLinkDnsSupport