{ | |
"Version": "2012-10-17", | |
"Statement": [{ | |
"Action": [ | |
"ec2:AuthorizeSecurityGroupEgress", | |
"ec2:AuthorizeSecurityGroupIngress", | |
"ec2:CopyImage", | |
"ec2:CreateNetworkInterface", | |
"ec2:AttachNetworkInterface", | |
"ec2:CreateSecurityGroup", | |
"ec2:CreateTags", | |
"ec2:CreateVolume", | |
"ec2:DeleteSecurityGroup", | |
"ec2:DeleteSnapshot", | |
"ec2:DeleteTags", | |
"ec2:DeregisterImage", | |
"ec2:DescribeAccountAttributes", | |
"ec2:DescribeAddresses", | |
"ec2:DescribeAvailabilityZones", | |
"ec2:DescribeDhcpOptions", | |
"ec2:DescribeImages", | |
"ec2:DescribeInstanceAttribute", | |
"ec2:DescribeInstanceCreditSpecifications", | |
"ec2:DescribeInstances", | |
"ec2:DescribeInstanceTypes", | |
"ec2:DescribeInternetGateways", | |
"ec2:DescribeKeyPairs", | |
"ec2:DescribeNatGateways", | |
"ec2:DescribeNetworkAcls", | |
"ec2:DescribeNetworkInterfaces", | |
"ec2:DescribePrefixLists", | |
"ec2:DescribeRegions", | |
"ec2:DescribeRouteTables", | |
"ec2:DescribeSecurityGroups", | |
"ec2:DescribeSubnets", | |
"ec2:DescribeTags", | |
"ec2:DescribeVolumes", | |
"ec2:DescribeVpcAttribute", | |
"ec2:DescribeVpcClassicLink", | |
"ec2:DescribeVpcClassicLinkDnsSupport", | |
"ec2:DescribeVpcEndpoints", | |
"ec2:DescribeVpcs", | |
"ec2:GetEbsDefaultKmsKeyId", | |
"ec2:ModifyInstanceAttribute", | |
"ec2:ModifyNetworkInterfaceAttribute", | |
"ec2:RevokeSecurityGroupEgress", | |
"ec2:RevokeSecurityGroupIngress", | |
"ec2:RunInstances", | |
"ec2:TerminateInstances", | |
"ec2:AllocateAddress", | |
"ec2:AssociateAddress", | |
"ec2:AssociateDhcpOptions", | |
"ec2:AssociateRouteTable", | |
"ec2:AttachInternetGateway", | |
"ec2:CreateDhcpOptions", | |
"ec2:CreateInternetGateway", | |
"ec2:CreateNatGateway", | |
"ec2:CreateRoute", | |
"ec2:CreateRouteTable", | |
"ec2:CreateSubnet", | |
"ec2:CreateVpc", | |
"ec2:CreateVpcEndpoint", | |
"ec2:ModifySubnetAttribute", | |
"ec2:ModifyVpcAttribute", | |
"elasticloadbalancing:AddTags", | |
"elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", | |
"elasticloadbalancing:AttachLoadBalancerToSubnets", | |
"elasticloadbalancing:ConfigureHealthCheck", | |
"elasticloadbalancing:CreateLoadBalancer", | |
"elasticloadbalancing:CreateLoadBalancerListeners", | |
"elasticloadbalancing:DeleteLoadBalancer", | |
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer", | |
"elasticloadbalancing:DescribeInstanceHealth", | |
"elasticloadbalancing:DescribeLoadBalancerAttributes", | |
"elasticloadbalancing:DescribeLoadBalancers", | |
"elasticloadbalancing:DescribeTags", | |
"elasticloadbalancing:ModifyLoadBalancerAttributes", | |
"elasticloadbalancing:RegisterInstancesWithLoadBalancer", | |
"elasticloadbalancing:SetLoadBalancerPoliciesOfListener", | |
"elasticloadbalancing:AddTags", | |
"elasticloadbalancing:CreateListener", | |
"elasticloadbalancing:CreateLoadBalancer", | |
"elasticloadbalancing:CreateTargetGroup", | |
"elasticloadbalancing:DeleteLoadBalancer", | |
"elasticloadbalancing:DeregisterTargets", | |
"elasticloadbalancing:DescribeListeners", | |
"elasticloadbalancing:DescribeLoadBalancerAttributes", | |
"elasticloadbalancing:DescribeLoadBalancers", | |
"elasticloadbalancing:DescribeTargetGroupAttributes", | |
"elasticloadbalancing:DescribeTargetHealth", | |
"elasticloadbalancing:ModifyLoadBalancerAttributes", | |
"elasticloadbalancing:ModifyTargetGroup", | |
"elasticloadbalancing:ModifyTargetGroupAttributes", | |
"elasticloadbalancing:RegisterTargets", | |
"iam:AddRoleToInstanceProfile", | |
"iam:CreateInstanceProfile", | |
"iam:CreateRole", | |
"iam:DeleteInstanceProfile", | |
"iam:DeleteRole", | |
"iam:DeleteRolePolicy", | |
"iam:GetInstanceProfile", | |
"iam:GetRole", | |
"iam:GetRolePolicy", | |
"iam:GetUser", | |
"iam:ListInstanceProfilesForRole", | |
"iam:ListRoles", | |
"iam:ListUsers", | |
"iam:PassRole", | |
"iam:PutRolePolicy", | |
"iam:RemoveRoleFromInstanceProfile", | |
"iam:SimulatePrincipalPolicy", | |
"iam:TagRole", | |
"RequiredRoute53permissionsforinstallation", | |
"route53:ChangeResourceRecordSets", | |
"route53:ChangeTagsForResource", | |
"route53:CreateHostedZone", | |
"route53:DeleteHostedZone", | |
"route53:GetChange", | |
"route53:GetHostedZone", | |
"route53:ListHostedZones", | |
"route53:ListHostedZonesByName", | |
"route53:ListResourceRecordSets", | |
"route53:ListTagsForResource", | |
"route53:UpdateHostedZoneComment", | |
"s3:CreateBucket", | |
"s3:DeleteBucket", | |
"s3:GetAccelerateConfiguration", | |
"s3:GetBucketAcl", | |
"s3:GetBucketCors", | |
"s3:GetBucketLocation", | |
"s3:GetBucketLogging", | |
"s3:GetBucketPolicy", | |
"s3:GetBucketObjectLockConfiguration", | |
"s3:GetBucketReplication", | |
"s3:GetBucketRequestPayment", | |
"s3:GetBucketTagging", | |
"s3:GetBucketVersioning", | |
"s3:GetBucketWebsite", | |
"s3:GetEncryptionConfiguration", | |
"s3:GetLifecycleConfiguration", | |
"s3:GetReplicationConfiguration", | |
"s3:ListBucket", | |
"s3:PutBucketAcl", | |
"s3:PutBucketTagging", | |
"s3:PutEncryptionConfiguration", | |
"s3:DeleteObject", | |
"s3:GetObject", | |
"s3:GetObjectAcl", | |
"s3:GetObjectTagging", | |
"s3:GetObjectVersion", | |
"s3:PutObject", | |
"s3:PutObjectAcl", | |
"s3:PutObjectTagging", | |
"autoscaling:DescribeAutoScalingGroups", | |
"ec2:DeletePlacementGroup", | |
"ec2:DeleteNetworkInterface", | |
"ec2:DeleteVolume", | |
"elasticloadbalancing:DeleteTargetGroup", | |
"elasticloadbalancing:DescribeTargetGroups", | |
"iam:DeleteAccessKey", | |
"iam:DeleteUser", | |
"iam:ListAttachedRolePolicies", | |
"iam:ListInstanceProfiles", | |
"iam:ListRolePolicies", | |
"iam:ListUserPolicies", | |
"s3:DeleteObject", | |
"s3:ListBucketVersions", | |
"tag:GetResources", | |
"ec2:DeleteDhcpOptions", | |
"ec2:DeleteInternetGateway", | |
"ec2:DeleteNatGateway", | |
"ec2:DeleteRoute", | |
"ec2:DeleteRouteTable", | |
"ec2:DeleteSubnet", | |
"ec2:DeleteVpc", | |
"ec2:DeleteVpcEndpoints", | |
"ec2:DetachInternetGateway", | |
"ec2:DisassociateRouteTable", | |
"ec2:ReleaseAddress", | |
"ec2:ReplaceRouteTableAssociation", | |
"iam:UntagRole", | |
"iam:DeleteAccessKey", | |
"iam:DeleteUser", | |
"iam:DeleteUserPolicy", | |
"iam:GetUserPolicy", | |
"iam:ListAccessKeys", | |
"iam:PutUserPolicy", | |
"iam:TagUser", | |
"iam:GetUserPolicy", | |
"iam:ListAccessKeys", | |
"s3:PutBucketPublicAccessBlock", | |
"s3:GetBucketPublicAccessBlock", | |
"s3:PutLifecycleConfiguration", | |
"s3:HeadBucket", | |
"s3:ListBucketMultipartUploads", | |
"s3:AbortMultipartUpload", | |
"ec2:DescribeInstanceTypeOfferings", | |
"servicequotas:ListAWSDefaultServiceQuotas" | |
], | |
"Resource": "*", | |
"Effect": "Allow" | |
}] | |
} |