Skip to content

Instantly share code, notes, and snippets.

@wehappyfew
Forked from flomotlik/CodeDeploy Policy
Last active January 28, 2016 09:11
Show Gist options
  • Save wehappyfew/a7528e0c5f9a899bde1e to your computer and use it in GitHub Desktop.
Save wehappyfew/a7528e0c5f9a899bde1e to your computer and use it in GitHub Desktop.
This policy provides the entity that is attached to [IAM user] , with the rights to actually create new application revisions, create new deployments, update the deployment configuration and get the status of a deployment. The following snippet for CodeDeploy sets the minimum required rights. Please note, that you need to adapt the snippet to yo…
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"codedeploy:RegisterApplicationRevision",
"codedeploy:GetApplicationRevision"
],
"Resource": [
"arn:aws:codedeploy:us-east-1:870116389747:application:DemoApplication"
]
},
{
"Effect": "Allow",
"Action": [
"codedeploy:CreateDeployment",
"codedeploy:GetDeployment"
],
"Resource": [
"arn:aws:codedeploy:us-east-1:870116389747:deploymentgroup:DemoApplication/*"
]
},
{
"Effect": "Allow",
"Action": [
"codedeploy:GetDeploymentConfig"
],
"Resource": [
"arn:aws:codedeploy:us-east-1:870116389747:deploymentconfig:CodeDeployDefault.OneAtATime",
"arn:aws:codedeploy:us-east-1:870116389747:deploymentconfig:CodeDeployDefault.HalfAtATime",
"arn:aws:codedeploy:us-east-1:870116389747:deploymentconfig:CodeDeployDefault.AllAtOnce"
]
}
]
}
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::codeship-codedeploy-bucket/testname/*"
]
}
]
}
@wehappyfew
Copy link
Author

From experience...instead of the IAM user ID , you can put the username but only if it's all lowercase.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment