terraform: add necessary IAM permissions for AWS

This commit is contained in:
Leonard Cohnen 2022-10-24 23:35:51 +02:00 committed by 3u13r
parent be2b38f2ac
commit d979aeea2d

View File

@ -105,7 +105,11 @@ resource "aws_iam_policy" "control_plane_policy" {
"elasticloadbalancing:DeregisterTargets",
"elasticloadbalancing:SetLoadBalancerPoliciesOfListener",
"iam:CreateServiceLinkedRole",
"kms:DescribeKey"
"kms:DescribeKey",
"logs:DescribeLogGroups",
"logs:ListTagsLogGroup",
"logs:CreateLogStream",
"tag:GetResources"
],
"Resource": [
"*"
@ -164,7 +168,11 @@ resource "aws_iam_policy" "worker_node_policy" {
"ecr:GetRepositoryPolicy",
"ecr:DescribeRepositories",
"ecr:ListImages",
"ecr:BatchGetImage"
"ecr:BatchGetImage",
"logs:DescribeLogGroups",
"logs:ListTagsLogGroup",
"logs:CreateLogStream",
"tag:GetResources"
],
"Resource": "*"
}