cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

[cloud][test]Add missing IAM policy for cloudfront (#38248)

Browse source 
Cloudfront needs CreateOriginAccessIdentity

Add profile parameter to setup-iam.yml. Could arguably just use
AWS_PROFILE but given that other tasks are using profile, should
be consistent.
This commit is contained in:
Will Thames 2018-04-06 04:06:04 +10:00 committed by Ryan Brown
parent 55fd3d62fb
commit a1d3cf488d
2 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
hacking/aws_config/setup-iam.yml
View file

@ -26,6 +26,7 @@
- name: Get aws account ID - name: Get aws account ID
aws_caller_facts: aws_caller_facts:
profile: "{{ profile|default(omit) }}"
register: aws_caller_facts register: aws_caller_facts
- name: Set aws_account_fact - name: Set aws_account_fact

1
hacking/aws_config/testing_policies/cloudfront-policy.json
View file

@ -7,6 +7,7 @@
"Action": [ "Action": [
"cloudfront:CreateDistribution", "cloudfront:CreateDistribution",
"cloudfront:CreateDistributionWithTags", "cloudfront:CreateDistributionWithTags",
"cloudfront:CreateCloudFrontOriginAccessIdentity",
"cloudfront:DeleteDistribution", "cloudfront:DeleteDistribution",
"cloudfront:GetDistribution", "cloudfront:GetDistribution",
"cloudfront:GetStreamingDistribution", "cloudfront:GetStreamingDistribution",