-
-
Save coderfi/73961cc9923e697caced15d5a4ce70e2 to your computer and use it in GitHub Desktop.
Credential set for Serverless Framework + AppSync + ElasticSearch + Cognito
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"Statement": [ | |
{ | |
"Action": [ | |
"apigateway:*", | |
"appsync:CreateApiKey", | |
"appsync:CreateDataSource", | |
"appsync:CreateFunction", | |
"appsync:CreateGraphqlApi", | |
"appsync:CreateResolver", | |
"appsync:CreateType", | |
"appsync:DeleteApiKey", | |
"appsync:DeleteDataSource", | |
"appsync:DeleteFunction", | |
"appsync:DeleteGraphqlApi", | |
"appsync:DeleteResolver", | |
"appsync:DeleteType", | |
"appsync:GetDataSource", | |
"appsync:GetFunction", | |
"appsync:GetGraphqlApi", | |
"appsync:GetIntrospectionSchema", | |
"appsync:GetResolver", | |
"appsync:GetSchemaCreationStatus", | |
"appsync:GetType", | |
"appsync:ListDataSources", | |
"appsync:ListFunctions", | |
"appsync:ListGraphqlApis", | |
"appsync:ListResolvers", | |
"appsync:ListTypes", | |
"appsync:StartSchemaCreation", | |
"appsync:UpdateApiKey", | |
"appsync:UpdateDataSource", | |
"appsync:UpdateFunction", | |
"appsync:UpdateGraphqlApi", | |
"appsync:UpdateResolver", | |
"appsync:UpdateType", | |
"cloudformation:CancelUpdateStack", | |
"cloudformation:ContinueUpdateRollback", | |
"cloudformation:CreateChangeSet", | |
"cloudformation:CreateStack", | |
"cloudformation:CreateUploadBucket", | |
"cloudformation:DeleteStack", | |
"cloudformation:Describe*", | |
"cloudformation:EstimateTemplateCost", | |
"cloudformation:ExecuteChangeSet", | |
"cloudformation:Get*", | |
"cloudformation:List*", | |
"cloudformation:UpdateStack", | |
"cloudformation:UpdateTerminationProtection", | |
"cloudformation:ValidateTemplate", | |
"cognito-identity:CreateIdentityPool", | |
"cognito-identity:ListIdentityPools", | |
"cognito-identity:SetIdentityPoolRoles", | |
"cognito-idp:CreateUserPool", | |
"cognito-idp:CreateUserPoolClient", | |
"cognito-idp:CreateUserPoolDomain", | |
"cognito-idp:DeleteUserPool", | |
"cognito-idp:DeleteUserPoolClient", | |
"cognito-idp:DeleteUserPoolDomain", | |
"cognito-idp:DescribeUserPool", | |
"cognito-idp:DescribeUserPoolClient", | |
"cognito-idp:DescribeUserPoolDomain", | |
"cognito-idp:ListUserPoolClients", | |
"cognito-idp:ListUserPools", | |
"cognito-idp:UpdateUserPool", | |
"cognito-idp:UpdateUserPoolClient", | |
"dynamodb:BatchGetItem", | |
"dynamodb:BatchWriteItem", | |
"dynamodb:CreateTable", | |
"dynamodb:DeleteTable", | |
"dynamodb:DescribeStream", | |
"dynamodb:DescribeTable", | |
"dynamodb:GetItem", | |
"dynamodb:GetRecords", | |
"dynamodb:GetShardIterator", | |
"dynamodb:ListStreams", | |
"dynamodb:PutItem", | |
"dynamodb:Query", | |
"dynamodb:Scan", | |
"dynamodb:UpdateItem", | |
"dynamodb:UpdateTable", | |
"ec2:AttachInternetGateway", | |
"ec2:AuthorizeSecurityGroupIngress", | |
"ec2:CreateInternetGateway", | |
"ec2:CreateNetworkAcl", | |
"ec2:CreateNetworkAclEntry", | |
"ec2:CreateRouteTable", | |
"ec2:CreateSecurityGroup", | |
"ec2:CreateSubnet", | |
"ec2:CreateTags", | |
"ec2:CreateVpc", | |
"ec2:DeleteInternetGateway", | |
"ec2:DeleteNetworkAcl", | |
"ec2:DeleteNetworkAclEntry", | |
"ec2:DeleteRouteTable", | |
"ec2:DeleteSecurityGroup", | |
"ec2:DeleteSubnet", | |
"ec2:DeleteVpc", | |
"ec2:Describe*", | |
"ec2:DetachInternetGateway", | |
"ec2:ModifyVpcAttribute", | |
"es:AddTags", | |
"es:CreateElasticsearchDomain", | |
"es:DeleteElasticsearchDomain", | |
"es:DeleteElasticsearchServiceRole", | |
"es:DescribeElasticsearchDomain", | |
"es:DescribeElasticsearchDomainConfig", | |
"es:DescribeElasticsearchDomains", | |
"es:DescribeElasticsearchInstanceTypeLimits", | |
"es:DescribeReservedElasticsearchInstanceOfferings", | |
"es:DescribeReservedElasticsearchInstances", | |
"es:GetCompatibleElasticsearchVersions", | |
"es:GetUpgradeHistory", | |
"es:GetUpgradeStatus", | |
"es:ListDomainNames", | |
"es:ListElasticsearchInstanceTypes", | |
"es:ListElasticsearchVersions", | |
"es:ListTags", | |
"es:RemoveTags", | |
"es:UpdateElasticsearchDomainConfig", | |
"es:UpgradeElasticsearchDomain", | |
"events:DeleteRule", | |
"events:DescribeRule", | |
"events:ListRuleNamesByTarget", | |
"events:ListRules", | |
"events:ListTargetsByRule", | |
"events:PutRule", | |
"events:PutTargets", | |
"events:RemoveTargets", | |
"iam:CreateRole", | |
"iam:DeleteRole", | |
"iam:DeleteRolePolicy", | |
"iam:GetRole", | |
"iam:PassRole", | |
"iam:PutRolePolicy", | |
"iot:CreateTopicRule", | |
"iot:DeleteTopicRule", | |
"iot:DisableTopicRule", | |
"iot:EnableTopicRule", | |
"iot:ReplaceTopicRule", | |
"kinesis:CreateStream", | |
"kinesis:DeleteStream", | |
"kinesis:DescribeStream", | |
"lambda:*", | |
"logs:CreateLogGroup", | |
"logs:DeleteLogGroup", | |
"logs:DescribeLogGroups", | |
"logs:DescribeLogStreams", | |
"logs:FilterLogEvents", | |
"logs:GetLogEvents", | |
"s3:CreateBucket", | |
"s3:DeleteBucket", | |
"s3:DeleteBucketPolicy", | |
"s3:DeleteObject", | |
"s3:DeleteObjectVersion", | |
"s3:GetObject", | |
"s3:GetObjectVersion", | |
"s3:ListAllMyBuckets", | |
"s3:ListBucket", | |
"s3:PutBucketCORS", | |
"s3:PutBucketNotification", | |
"s3:PutBucketPolicy", | |
"s3:PutBucketTagging", | |
"s3:PutBucketWebsite", | |
"s3:PutEncryptionConfiguration", | |
"s3:PutObject", | |
"sns:CreateTopic", | |
"sns:DeleteTopic", | |
"sns:GetSubscriptionAttributes", | |
"sns:GetTopicAttributes", | |
"sns:ListSubscriptions", | |
"sns:ListSubscriptionsByTopic", | |
"sns:ListTopics", | |
"sns:SetSubscriptionAttributes", | |
"sns:SetTopicAttributes", | |
"sns:Subscribe", | |
"sns:Unsubscribe", | |
"states:CreateStateMachine", | |
"states:DeleteStateMachine" | |
], | |
"Effect": "Allow", | |
"Resource": "*", | |
"Sid": "VisualEditor0" | |
}, | |
{ | |
"Action": [ | |
"cognito-identity:DeleteIdentityPool", | |
"cognito-identity:DescribeIdentityPool", | |
"cognito-identity:GetIdentityPoolRoles", | |
"cognito-identity:UpdateIdentityPool" | |
], | |
"Effect": "Allow", | |
"Resource": "arn:aws:cognito-identity:*:*:identitypool/*", | |
"Sid": "VisualEditor1" | |
} | |
], | |
"Version": "2012-10-17" | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment