forked from travis-ci/terraform-config
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.example-aws-iam-policy.json
65 lines (65 loc) · 1.84 KB
/
.example-aws-iam-policy.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:*",
"elasticloadbalancing:*",
"route53:*",
"autoscaling:*",
"cloudwatch:*",
"SNS:*"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::travis-terraform-state",
"arn:aws:s3:::travis-terraform-state/*",
"arn:aws:s3:::travis-shared-1-registry-images",
"arn:aws:s3:::travis-shared-1-registry-images/*",
"arn:aws:s3:::travis-shared-2-registry-images",
"arn:aws:s3:::travis-shared-2-registry-images/*"
]
},
{
"Effect": "Allow",
"Action": [
"iam:GetUser"
],
"Resource": [
"arn:aws:iam::341288657826:user/igor-terraform"
]
},
{
"Effect": "Allow",
"Action": [
"iam:*"
],
"Resource": [
"arn:aws:iam::341288657826:role/*",
"arn:aws:iam::341288657826:user/registry-shared-1",
"arn:aws:iam::341288657826:user/registry-shared-2",
"arn:aws:iam::*:user/cyclist-*",
"arn:aws:iam::*:user/worker-*",
"arn:aws:iam::*:user/build-trace-*"
]
},
{
"Effect": "Allow",
"Action": [
"dynamodb:*"
],
"Resource": [
"arn:aws:dynamodb:us-east-1:341288657826:table/travis-terraform-state"
]
}
]
}