| 123456789101112131415161718192021222324252627282930313233 |
- {
- "Version": "2012-10-17",
- "Statement": [
- {
- "Sid": "ServiceBoundaries",
- "Effect": "Allow",
- "Action": [
- "s3:*",
- "ec2:*",
- "lambda:*",
- "logs:*",
- "sqs:*",
- "resource-groups:*",
- "ssm:*",
- "ssmmessages:*",
- "ec2messages:*"
- ],
- "Resource": "*"
- },
- {
- "Sid": "RoleInNamespace",
- "Effect": "Allow",
- "Action": ["iam:PassRole"],
- "Resource": "arn:${aws_partition}:iam::${account_id}:role/${role_namespace}/*"
- },
- {
- "Sid": "Decrypt",
- "Effect": "Allow",
- "Action": ["kms:Decrypt"],
- "Resource": "*"
- }
- ]
- }
|
