Skip to content

Instantly share code, notes, and snippets.

@qwo
Last active December 25, 2019 02:14
Show Gist options
  • Save qwo/abaf61555d8820b3d6bede0e156b1e19 to your computer and use it in GitHub Desktop.
Save qwo/abaf61555d8820b3d6bede0e156b1e19 to your computer and use it in GitHub Desktop.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"cloudformation:CreateUploadBucket",
"cloudformation:CancelUpdateStack",
"cloudformation:CreateStack",
"cloudformation:DeleteStack",
"cloudformation:UpdateStack",
"cloudformation:UpdateTerminationProtection",
"cloudformation:CreateChangeSet",
"cloudformation:Describe*",
"cloudformation:ContinueUpdateRollback",
"cloudformation:EstimateTemplateCost",
"cloudformation:PreviewStackUpdate",
"cloudformation:List*",
"cloudformation:ExecuteChangeSet",
"cloudformation:ValidateTemplate",
"cloudformation:Get*"
],
"Resource": "*"
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"lambda:AddPermission",
"lambda:InvokeFunction",
"lambda:DeleteFunction",
"lambda:PublishVersion",
"lambda:List*",
"lambda:CreateFunction",
"lambda:Get*",
"lambda:RemovePermission",
"lambda:CreateAlias",
"lambda:Update*",
"apigateway:GET"
],
"Resource": [
"arn:aws:lambda:*:*:function:${project}*",
"arn:aws:apigateway:*::/restapis"
]
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": "apigateway:*",
"Resource": "arn:aws:apigateway:*::/restapis/GATEWAY_ID/*"
},
{
"Effect": "Allow",
"Action": [
"ec2:AuthorizeSecurityGroupIngress",
"ec2:Describe*",
"ec2:createTags",
"ec2:CreateInternetGateway",
"ec2:DeleteInternetGateway",
"ec2:CreateVpc",
"ec2:DeleteVpc",
"ec2:ModifyVpcAttribute",
"iam:CreateRole",
"iam:DeleteRole",
"ec2:DeleteInternetGateway",
"dynamodb:CreateTable",
"dynamodb:DescribeTable",
"dynamodb:DeleteTable",
"kinesis:CreateStream",
"kinesis:DescribeStream",
"kinesis:DeleteStream",
"ec2:CreateNetworkAcl",
"ec2:DeleteNetworkAcl",
"ec2:CreateRouteTable",
"ec2:DeleteRouteTable",
"ec2:AttachInternetGateway",
"ec2:DetachInternetGateway",
"ec2:CreateSubnet",
"ec2:DeleteSubnet",
"ec2:CreateSecurityGroup",
"ec2:DeleteSecurityGroup",
"ec2:CreateNetworkAclEntry",
"ec2:DeleteNetworkAclEntry",
"iam:PutRolePolicy",
"iam:DeleteRolePolicy",
"iam:GetRole",
"states:CreateStateMachine",
"states:DeleteStateMachine"
],
"Resource": "*"
}
]
}
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1449904348000",
"Effect": "Allow",
"Action": [
"cloudformation:CreateStack",
"cloudformation:CreateChangeSet",
"cloudformation:ListStacks",
"cloudformation:UpdateStack",
"cloudformation:DeleteStack",
"cloudformation:Describe*",
"cloudformation:ExecuteChangeSet",
"cloudformation:ValidateTemplate"
],
"Resource": [
"*"
]
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment