mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-25 07:29:38 -05:00
terraform: add necessary IAM permissions for AWS
This commit is contained in:
parent
be2b38f2ac
commit
d979aeea2d
@ -105,7 +105,11 @@ resource "aws_iam_policy" "control_plane_policy" {
|
||||
"elasticloadbalancing:DeregisterTargets",
|
||||
"elasticloadbalancing:SetLoadBalancerPoliciesOfListener",
|
||||
"iam:CreateServiceLinkedRole",
|
||||
"kms:DescribeKey"
|
||||
"kms:DescribeKey",
|
||||
"logs:DescribeLogGroups",
|
||||
"logs:ListTagsLogGroup",
|
||||
"logs:CreateLogStream",
|
||||
"tag:GetResources"
|
||||
],
|
||||
"Resource": [
|
||||
"*"
|
||||
@ -164,7 +168,11 @@ resource "aws_iam_policy" "worker_node_policy" {
|
||||
"ecr:GetRepositoryPolicy",
|
||||
"ecr:DescribeRepositories",
|
||||
"ecr:ListImages",
|
||||
"ecr:BatchGetImage"
|
||||
"ecr:BatchGetImage",
|
||||
"logs:DescribeLogGroups",
|
||||
"logs:ListTagsLogGroup",
|
||||
"logs:CreateLogStream",
|
||||
"tag:GetResources"
|
||||
],
|
||||
"Resource": "*"
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user