jrichardsz/AWSElasticBeanstalkFullAccess.json

## aws policies collection.md

      
    Raw
  

              aws policies collection.md
            
          
https://gist.github.com/nicolasdao/c54338247534c7d32f6dd21b045cb170
https://gist.github.com/mlconnor/7548903

keyword:
aws policies collection, awspolicies

  
## AWSElasticBeanstalkFullAccess.json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "elasticbeanstalk:*",
                "ec2:*",
                "ecs:*",
                "ecr:*",
                "elasticloadbalancing:*",
                "autoscaling:*",
                "cloudwatch:*",
                "s3:*",
                "sns:*",
                "cloudformation:*",
                "dynamodb:*",
                "rds:*",
                "sqs:*",
                "logs:*",
                "iam:GetPolicyVersion",
                "iam:GetRole",
                "iam:PassRole",
                "iam:ListRolePolicies",
                "iam:ListAttachedRolePolicies",
                "iam:ListInstanceProfiles",
                "iam:ListRoles",
                "iam:ListServerCertificates",
                "acm:DescribeCertificate",
                "acm:ListCertificates",
                "codebuild:CreateProject",
                "codebuild:DeleteProject",
                "codebuild:BatchGetBuilds",
                "codebuild:StartBuild"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "iam:AddRoleToInstanceProfile",
                "iam:CreateInstanceProfile",
                "iam:CreateRole"
            ],
            "Resource": [
                "arn:aws:iam::*:role/aws-elasticbeanstalk*",
                "arn:aws:iam::*:instance-profile/aws-elasticbeanstalk*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "iam:CreateServiceLinkedRole"
            ],
            "Resource": [
                "arn:aws:iam::*:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling*"
            ],
            "Condition": {
                "StringLike": {
                    "iam:AWSServiceName": "autoscaling.amazonaws.com"
                }
            }
        },
        {
            "Effect": "Allow",
            "Action": [
                "iam:CreateServiceLinkedRole"
            ],
            "Resource": [
                "arn:aws:iam::*:role/aws-service-role/elasticbeanstalk.amazonaws.com/AWSServiceRoleForElasticBeanstalk*"
            ],
            "Condition": {
                "StringLike": {
                    "iam:AWSServiceName": "elasticbeanstalk.amazonaws.com"
                }
            }
        },
        {
            "Effect": "Allow",
            "Action": [
                "iam:AttachRolePolicy"
            ],
            "Resource": "*",
            "Condition": {
                "StringLike": {
                    "iam:PolicyArn": [
                        "arn:aws:iam::aws:policy/AWSElasticBeanstalk*",
                        "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalk*"
                    ]
                }
            }
        }
    ]
}
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Effect": "Allow",
	"Action": [
	"elasticbeanstalk:*",
	"ec2:*",
	"ecs:*",
	"ecr:*",
	"elasticloadbalancing:*",
	"autoscaling:*",
	"cloudwatch:*",
	"s3:*",
	"sns:*",
	"cloudformation:*",
	"dynamodb:*",
	"rds:*",
	"sqs:*",
	"logs:*",
	"iam:GetPolicyVersion",
	"iam:GetRole",
	"iam:PassRole",
	"iam:ListRolePolicies",
	"iam:ListAttachedRolePolicies",
	"iam:ListInstanceProfiles",
	"iam:ListRoles",
	"iam:ListServerCertificates",
	"acm:DescribeCertificate",
	"acm:ListCertificates",
	"codebuild:CreateProject",
	"codebuild:DeleteProject",
	"codebuild:BatchGetBuilds",
	"codebuild:StartBuild"
	],
	"Resource": "*"
	},
	{
	"Effect": "Allow",
	"Action": [
	"iam:AddRoleToInstanceProfile",
	"iam:CreateInstanceProfile",
	"iam:CreateRole"
	],
	"Resource": [
	"arn:aws:iam:::role/aws-elasticbeanstalk",
	"arn:aws:iam:::instance-profile/aws-elasticbeanstalk"
	]
	},
	{
	"Effect": "Allow",
	"Action": [
	"iam:CreateServiceLinkedRole"
	],
	"Resource": [
	"arn:aws:iam:::role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling"
	],
	"Condition": {
	"StringLike": {
	"iam:AWSServiceName": "autoscaling.amazonaws.com"
	}
	}
	},
	{
	"Effect": "Allow",
	"Action": [
	"iam:CreateServiceLinkedRole"
	],
	"Resource": [
	"arn:aws:iam:::role/aws-service-role/elasticbeanstalk.amazonaws.com/AWSServiceRoleForElasticBeanstalk"
	],
	"Condition": {
	"StringLike": {
	"iam:AWSServiceName": "elasticbeanstalk.amazonaws.com"
	}
	}
	},
	{
	"Effect": "Allow",
	"Action": [
	"iam:AttachRolePolicy"
	],
	"Resource": "*",
	"Condition": {
	"StringLike": {
	"iam:PolicyArn": [
	"arn:aws:iam::aws:policy/AWSElasticBeanstalk*",
	"arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalk*"
	]
	}
	}
	}
	]
	}