Skip to content

Commit

Permalink
Include iam:CreateServiceLinkedRole permissions on create handlers (#465
Browse files Browse the repository at this point in the history 
)

Co-authored-by: Diogo Henriques <[email protected]>
Co-authored-by: moataz-mhmd <[email protected]>
  • Loading branch information
@dbbh @moataz-mhmd
3 people authored Sep 28, 2023
1 parent 65307fd commit 71ea68c
Show file tree
Hide file tree
Showing 12 changed files with 12 additions and 0 deletions.
1 change: 1 addition & 0 deletions aws-rds-dbcluster/aws-rds-dbcluster.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -462,6 +462,7 @@
"handlers": {
"create": {
"permissions": [
"iam:CreateServiceLinkedRole",
"iam:PassRole",
"rds:AddRoleToDBCluster",
"rds:AddTagsToResource",
Expand Down
1 change: 1 addition & 0 deletions aws-rds-dbcluster/resource-role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ Resources:
- Effect: Allow
Action:
- "ec2:DescribeSecurityGroups"
- "iam:CreateServiceLinkedRole"
- "iam:PassRole"
- "rds:AddRoleToDBCluster"
- "rds:AddTagsToResource"
Expand Down
1 change: 1 addition & 0 deletions aws-rds-dbclusterparametergroup/aws-rds-dbclusterparametergroup.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,7 @@
"handlers": {
"create": {
"permissions": [
"iam:CreateServiceLinkedRole",
"rds:AddTagsToResource",
"rds:CreateDBClusterParameterGroup",
"rds:DescribeDBClusterParameterGroups",
Expand Down
1 change: 1 addition & 0 deletions aws-rds-dbclusterparametergroup/resource-role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ Resources:
Statement:
- Effect: Allow
Action:
- "iam:CreateServiceLinkedRole"
- "rds:AddTagsToResource"
- "rds:CreateDBClusterParameterGroup"
- "rds:DeleteDBClusterParameterGroup"
Expand Down
1 change: 1 addition & 0 deletions aws-rds-dbparametergroup/aws-rds-dbparametergroup.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,7 @@
"handlers": {
"create": {
"permissions": [
"iam:CreateServiceLinkedRole",
"rds:AddTagsToResource",
"rds:CreateDBParameterGroup",
"rds:DescribeDBParameterGroups",
Expand Down
1 change: 1 addition & 0 deletions aws-rds-dbparametergroup/resource-role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ Resources:
Statement:
- Effect: Allow
Action:
- "iam:CreateServiceLinkedRole"
- "rds:AddTagsToResource"
- "rds:CreateDBParameterGroup"
- "rds:DeleteDBParameterGroup"
Expand Down
1 change: 1 addition & 0 deletions aws-rds-dbsubnetgroup/aws-rds-dbsubnetgroup.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,7 @@
"handlers": {
"create": {
"permissions": [
"iam:CreateServiceLinkedRole",
"rds:CreateDBSubnetGroup",
"rds:DescribeDBSubnetGroups",
"rds:AddTagsToResource",
Expand Down
1 change: 1 addition & 0 deletions aws-rds-dbsubnetgroup/resource-role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ Resources:
Statement:
- Effect: Allow
Action:
- "iam:CreateServiceLinkedRole"
- "rds:AddTagsToResource"
- "rds:CreateDBSubnetGroup"
- "rds:DeleteDBSubnetGroup"
Expand Down
1 change: 1 addition & 0 deletions aws-rds-eventsubscription/aws-rds-eventsubscription.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,7 @@
"handlers": {
"create": {
"permissions": [
"iam:CreateServiceLinkedRole",
"rds:CreateEventSubscription",
"rds:DescribeEventSubscriptions",
"rds:ListTagsForResource",
Expand Down
1 change: 1 addition & 0 deletions aws-rds-eventsubscription/resource-role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ Resources:
Statement:
- Effect: Allow
Action:
- "iam:CreateServiceLinkedRole"
- "rds:AddSourceIdentifierToSubscription"
- "rds:AddTagsToResource"
- "rds:CreateEventSubscription"
Expand Down
1 change: 1 addition & 0 deletions aws-rds-optiongroup/aws-rds-optiongroup.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,6 +145,7 @@
"handlers": {
"create": {
"permissions": [
"iam:CreateServiceLinkedRole",
"rds:AddTagsToResource",
"rds:CreateOptionGroup",
"rds:DescribeOptionGroups",
Expand Down
1 change: 1 addition & 0 deletions aws-rds-optiongroup/resource-role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ Resources:
Statement:
- Effect: Allow
Action:
- "iam:CreateServiceLinkedRole"
- "rds:AddTagsToResource"
- "rds:CreateOptionGroup"
- "rds:DeleteOptionGroup"
Expand Down

0 comments on commit 71ea68c

Please sign in to comment.