[security] ensure deployer role has enough permissions to run CodeDeploy agent
Fixes #20
This commit is contained in:
parent
3ceda6eab6
commit
cea762552c
|
@ -78,7 +78,16 @@ data "aws_iam_policy_document" "codedeploy-policy" {
|
|||
"tag:*",
|
||||
"ec2:DescribeInstances",
|
||||
"ec2:DescribeInstanceStatus",
|
||||
"ec2messages:AcknowledgeMessage",
|
||||
"ec2messages:DeleteMessage",
|
||||
"ec2messages:FailMessage",
|
||||
"ec2messages:GetEndpoint",
|
||||
"ec2messages:GetMessages",
|
||||
"ec2messages:SendReply",
|
||||
"sns:Publish",
|
||||
"ssm:UpdateInstanceInformation",
|
||||
"ssm:ListInstanceAssociations",
|
||||
"ssm:ListAssociations"
|
||||
]
|
||||
|
||||
resources = ["*"]
|
||||
|
|
Loading…
Reference in New Issue