Instantly share code, notes, and snippets.

Embed
What would you like to do?
OneKloud - Aws Read Only
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "FullPolicy",
"Action": [
"aws-portal:ViewBilling",
"aws-portal:ViewUsage",
"autoscaling:Describe*",
"cloudformation:DescribeStacks",
"cloudformation:GetStackPolicy",
"cloudformation:GetTemplate",
"cloudformation:ListStackResources",
"cloudfront:Get*",
"cloudfront:List*",
"cloudtrail:DescribeTrails",
"cloudtrail:GetTrailStatus",
"cloudwatch:Describe*",
"cloudwatch:Get*",
"cloudwatch:List*",
"ec2:Describe*",
"ec2:GetHostReservationPurchasePreview",
"ec2:GetReservedInstancesExchangeQuote",
"ecs:List*",
"ecs:Describe*",
"elasticache:Describe*",
"elasticache:List*",
"elasticache:Describe*",
"elasticbeanstalk:Describe*",
"elasticbeanstalk:List*",
"elasticbeanstalk:RequestEnvironmentInfo",
"elasticbeanstalk:RetrieveEnvironmentInfo",
"elasticloadbalancing:Describe*",
"elasticmapreduce:Describe*",
"elasticmapreduce:List*",
"elasticmapreduce:Describe*",
"es:List*",
"es:Describe*",
"glacier:List*",
"glacier:Describe*",
"glacier:Get*",
"iam:Get*",
"iam:List*",
"iam:GenerateCredentialReport",
"lambda:List*",
"rds:Describe*",
"rds:ListTagsForResource",
"redshift:Describe*",
"route53:Get*",
"route53:List*",
"s3:List*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Sid": "CloudWatchLogsSpecific",
"Effect": "Allow",
"Action": [
"logs:GetLogEvents",
"logs:DescribeLogGroups",
"logs:DescribeLogStreams"
],
"Resource": [
"arn:aws:logs:*:*:*"
]
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment