2017-12-15 14:15:01 +01:00
|
|
|
{
|
|
|
|
|
"Version": "2012-10-17",
|
|
|
|
|
"Statement": [
|
|
|
|
|
{
|
|
|
|
|
"Sid": "UnspecifiedCodeRepositories",
|
|
|
|
|
"Effect": "Allow",
|
|
|
|
|
"Action": [
|
|
|
|
|
"ecr:DescribeRepositories",
|
|
|
|
|
"ecr:CreateRepository"
|
|
|
|
|
],
|
|
|
|
|
"Resource": "*"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"Sid": "SpecifiedCodeRepositories",
|
|
|
|
|
"Effect": "Allow",
|
|
|
|
|
"Action": [
|
2019-12-19 19:41:41 +01:00
|
|
|
"ecr:GetLifecyclePolicy",
|
|
|
|
|
"ecr:PutLifecyclePolicy",
|
|
|
|
|
"ecr:DeleteLifecyclePolicy",
|
2017-12-15 14:15:01 +01:00
|
|
|
"ecr:GetRepositoryPolicy",
|
|
|
|
|
"ecr:SetRepositoryPolicy",
|
|
|
|
|
"ecr:DeleteRepository",
|
|
|
|
|
"ecr:DeleteRepositoryPolicy",
|
|
|
|
|
"ecr:DeleteRepositoryPolicy"
|
|
|
|
|
],
|
|
|
|
|
"Resource": [
|
|
|
|
|
"arn:aws:ecr:{{aws_region}}:{{aws_account}}:repository/ansible-*"
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"Effect": "Allow",
|
|
|
|
|
"Action": [
|
|
|
|
|
"application-autoscaling:Describe*",
|
|
|
|
|
"application-autoscaling:PutScalingPolicy",
|
|
|
|
|
"application-autoscaling:RegisterScalableTarget",
|
|
|
|
|
"cloudwatch:DescribeAlarms",
|
|
|
|
|
"cloudwatch:PutMetricAlarm",
|
|
|
|
|
"ecs:CreateCluster",
|
|
|
|
|
"ecs:CreateService",
|
2018-04-25 21:41:04 +02:00
|
|
|
"ecs:DeleteCluster",
|
|
|
|
|
"ecs:DeleteService",
|
|
|
|
|
"ecs:DeregisterTaskDefinition",
|
|
|
|
|
"ecs:Describe*",
|
|
|
|
|
"ecs:List*",
|
2019-06-17 20:41:20 +02:00
|
|
|
"ecs:PutAccountSetting",
|
2018-04-25 21:41:04 +02:00
|
|
|
"ecs:RegisterTaskDefinition",
|
|
|
|
|
"ecs:RunTask",
|
2019-03-06 13:40:32 +01:00
|
|
|
"ecs:StartTask",
|
|
|
|
|
"ecs:StopTask",
|
2017-12-15 14:15:01 +01:00
|
|
|
"ecs:UpdateService",
|
|
|
|
|
"elasticloadbalancing:Describe*",
|
2019-07-04 21:25:19 +02:00
|
|
|
"iam:GetInstanceProfile",
|
2017-12-15 14:15:01 +01:00
|
|
|
"iam:GetPolicy",
|
|
|
|
|
"iam:GetPolicyVersion",
|
|
|
|
|
"iam:GetRole",
|
|
|
|
|
"iam:ListAttachedRolePolicies",
|
|
|
|
|
"iam:ListGroups",
|
2018-04-25 21:41:04 +02:00
|
|
|
"iam:ListRoles",
|
2017-12-15 14:15:01 +01:00
|
|
|
"iam:ListUsers"
|
|
|
|
|
],
|
|
|
|
|
"Resource": [
|
|
|
|
|
"*"
|
|
|
|
|
]
|
2018-06-07 14:44:04 +02:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"Effect": "Allow",
|
|
|
|
|
"Action": [
|
|
|
|
|
"eks:CreateCluster",
|
|
|
|
|
"eks:DeleteCluster",
|
|
|
|
|
"eks:DescribeCluster",
|
|
|
|
|
"eks:ListClusters"
|
|
|
|
|
],
|
|
|
|
|
"Resource": [
|
|
|
|
|
"*"
|
|
|
|
|
]
|
2017-12-15 14:15:01 +01:00
|
|
|
}
|
2018-06-07 14:44:04 +02:00
|
|
|
|
|
|
|
|
|
2017-12-15 14:15:01 +01:00
|
|
|
]
|
|
|
|
|
}
|
