Last active
September 20, 2022 14:52
-
-
Save cwawak/10568e224908e32f03df62110a80c560 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [{ | |
| "Action": [ | |
| "ec2:AuthorizeSecurityGroupEgress", | |
| "ec2:AuthorizeSecurityGroupIngress", | |
| "ec2:CopyImage", | |
| "ec2:CreateNetworkInterface", | |
| "ec2:AttachNetworkInterface", | |
| "ec2:CreateSecurityGroup", | |
| "ec2:CreateTags", | |
| "ec2:CreateVolume", | |
| "ec2:DeleteSecurityGroup", | |
| "ec2:DeleteSnapshot", | |
| "ec2:DeleteTags", | |
| "ec2:DeregisterImage", | |
| "ec2:DescribeAccountAttributes", | |
| "ec2:DescribeAddresses", | |
| "ec2:DescribeAvailabilityZones", | |
| "ec2:DescribeDhcpOptions", | |
| "ec2:DescribeImages", | |
| "ec2:DescribeInstanceAttribute", | |
| "ec2:DescribeInstanceCreditSpecifications", | |
| "ec2:DescribeInstances", | |
| "ec2:DescribeInstanceTypes", | |
| "ec2:DescribeInternetGateways", | |
| "ec2:DescribeKeyPairs", | |
| "ec2:DescribeNatGateways", | |
| "ec2:DescribeNetworkAcls", | |
| "ec2:DescribeNetworkInterfaces", | |
| "ec2:DescribePrefixLists", | |
| "ec2:DescribeRegions", | |
| "ec2:DescribeRouteTables", | |
| "ec2:DescribeSecurityGroups", | |
| "ec2:DescribeSubnets", | |
| "ec2:DescribeTags", | |
| "ec2:DescribeVolumes", | |
| "ec2:DescribeVpcAttribute", | |
| "ec2:DescribeVpcClassicLink", | |
| "ec2:DescribeVpcClassicLinkDnsSupport", | |
| "ec2:DescribeVpcEndpoints", | |
| "ec2:DescribeVpcs", | |
| "ec2:GetEbsDefaultKmsKeyId", | |
| "ec2:ModifyInstanceAttribute", | |
| "ec2:ModifyNetworkInterfaceAttribute", | |
| "ec2:RevokeSecurityGroupEgress", | |
| "ec2:RevokeSecurityGroupIngress", | |
| "ec2:RunInstances", | |
| "ec2:TerminateInstances", | |
| "ec2:AllocateAddress", | |
| "ec2:AssociateAddress", | |
| "ec2:AssociateDhcpOptions", | |
| "ec2:AssociateRouteTable", | |
| "ec2:AttachInternetGateway", | |
| "ec2:CreateDhcpOptions", | |
| "ec2:CreateInternetGateway", | |
| "ec2:CreateNatGateway", | |
| "ec2:CreateRoute", | |
| "ec2:CreateRouteTable", | |
| "ec2:CreateSubnet", | |
| "ec2:CreateVpc", | |
| "ec2:CreateVpcEndpoint", | |
| "ec2:ModifySubnetAttribute", | |
| "ec2:ModifyVpcAttribute", | |
| "elasticloadbalancing:AddTags", | |
| "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", | |
| "elasticloadbalancing:AttachLoadBalancerToSubnets", | |
| "elasticloadbalancing:ConfigureHealthCheck", | |
| "elasticloadbalancing:CreateLoadBalancer", | |
| "elasticloadbalancing:CreateLoadBalancerListeners", | |
| "elasticloadbalancing:DeleteLoadBalancer", | |
| "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", | |
| "elasticloadbalancing:DescribeInstanceHealth", | |
| "elasticloadbalancing:DescribeLoadBalancerAttributes", | |
| "elasticloadbalancing:DescribeLoadBalancers", | |
| "elasticloadbalancing:DescribeTags", | |
| "elasticloadbalancing:ModifyLoadBalancerAttributes", | |
| "elasticloadbalancing:RegisterInstancesWithLoadBalancer", | |
| "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", | |
| "elasticloadbalancing:AddTags", | |
| "elasticloadbalancing:CreateListener", | |
| "elasticloadbalancing:CreateLoadBalancer", | |
| "elasticloadbalancing:CreateTargetGroup", | |
| "elasticloadbalancing:DeleteLoadBalancer", | |
| "elasticloadbalancing:DeregisterTargets", | |
| "elasticloadbalancing:DescribeListeners", | |
| "elasticloadbalancing:DescribeLoadBalancerAttributes", | |
| "elasticloadbalancing:DescribeLoadBalancers", | |
| "elasticloadbalancing:DescribeTargetGroupAttributes", | |
| "elasticloadbalancing:DescribeTargetHealth", | |
| "elasticloadbalancing:ModifyLoadBalancerAttributes", | |
| "elasticloadbalancing:ModifyTargetGroup", | |
| "elasticloadbalancing:ModifyTargetGroupAttributes", | |
| "elasticloadbalancing:RegisterTargets", | |
| "iam:AddRoleToInstanceProfile", | |
| "iam:CreateInstanceProfile", | |
| "iam:CreateRole", | |
| "iam:DeleteInstanceProfile", | |
| "iam:DeleteRole", | |
| "iam:DeleteRolePolicy", | |
| "iam:GetInstanceProfile", | |
| "iam:GetRole", | |
| "iam:GetRolePolicy", | |
| "iam:GetUser", | |
| "iam:ListInstanceProfilesForRole", | |
| "iam:ListRoles", | |
| "iam:ListUsers", | |
| "iam:PassRole", | |
| "iam:PutRolePolicy", | |
| "iam:RemoveRoleFromInstanceProfile", | |
| "iam:SimulatePrincipalPolicy", | |
| "iam:TagRole", | |
| "RequiredRoute53permissionsforinstallation", | |
| "route53:ChangeResourceRecordSets", | |
| "route53:ChangeTagsForResource", | |
| "route53:CreateHostedZone", | |
| "route53:DeleteHostedZone", | |
| "route53:GetChange", | |
| "route53:GetHostedZone", | |
| "route53:ListHostedZones", | |
| "route53:ListHostedZonesByName", | |
| "route53:ListResourceRecordSets", | |
| "route53:ListTagsForResource", | |
| "route53:UpdateHostedZoneComment", | |
| "s3:CreateBucket", | |
| "s3:DeleteBucket", | |
| "s3:GetAccelerateConfiguration", | |
| "s3:GetBucketAcl", | |
| "s3:GetBucketCors", | |
| "s3:GetBucketLocation", | |
| "s3:GetBucketLogging", | |
| "s3.GetBucketPolicy", | |
| "s3:GetBucketObjectLockConfiguration", | |
| "s3:GetBucketReplication", | |
| "s3:GetBucketRequestPayment", | |
| "s3:GetBucketTagging", | |
| "s3:GetBucketVersioning", | |
| "s3:GetBucketWebsite", | |
| "s3:GetEncryptionConfiguration", | |
| "s3:GetLifecycleConfiguration", | |
| "s3:GetReplicationConfiguration", | |
| "s3:ListBucket", | |
| "s3:PutBucketAcl", | |
| "s3:PutBucketTagging", | |
| "s3:PutEncryptionConfiguration", | |
| "s3:DeleteObject", | |
| "s3:GetObject", | |
| "s3:GetObjectAcl", | |
| "s3:GetObjectTagging", | |
| "s3:GetObjectVersion", | |
| "s3:PutObject", | |
| "s3:PutObjectAcl", | |
| "s3:PutObjectTagging", | |
| "autoscaling:DescribeAutoScalingGroups", | |
| "ec2:DeletePlacementGroup", | |
| "ec2:DeleteNetworkInterface", | |
| "ec2:DeleteVolume", | |
| "elasticloadbalancing:DeleteTargetGroup", | |
| "elasticloadbalancing:DescribeTargetGroups", | |
| "iam:DeleteAccessKey", | |
| "iam:DeleteUser", | |
| "iam:ListAttachedRolePolicies", | |
| "iam:ListInstanceProfiles", | |
| "iam:ListRolePolicies", | |
| "iam:ListUserPolicies", | |
| "s3:DeleteObject", | |
| "s3:ListBucketVersions", | |
| "tag:GetResources", | |
| "ec2:DeleteDhcpOptions", | |
| "ec2:DeleteInternetGateway", | |
| "ec2:DeleteNatGateway", | |
| "ec2:DeleteRoute", | |
| "ec2:DeleteRouteTable", | |
| "ec2:DeleteSubnet", | |
| "ec2:DeleteVpc", | |
| "ec2:DeleteVpcEndpoints", | |
| "ec2:DetachInternetGateway", | |
| "ec2:DisassociateRouteTable", | |
| "ec2:ReleaseAddress", | |
| "ec2:ReplaceRouteTableAssociation", | |
| "iam:UntagRole", | |
| "iam:DeleteAccessKey", | |
| "iam:DeleteUser", | |
| "iam:DeleteUserPolicy", | |
| "iam:GetUserPolicy", | |
| "iam:ListAccessKeys", | |
| "iam:PutUserPolicy", | |
| "iam:TagUser", | |
| "iam:GetUserPolicy", | |
| "iam:ListAccessKeys", | |
| "s3:PutBucketPublicAccessBlock", | |
| "s3:GetBucketPublicAccessBlock", | |
| "s3:PutLifecycleConfiguration", | |
| "s3:HeadBucket", | |
| "s3:ListBucketMultipartUploads", | |
| "s3:AbortMultipartUpload", | |
| "ec2:DescribeInstanceTypeOfferings", | |
| "servicequotas:ListAWSDefaultServiceQuotas" | |
| ], | |
| "Resource": "*", | |
| "Effect": "Allow" | |
| }] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment