Created
November 11, 2019 19:41
-
-
Save 0xtf/c852a11f79d2ca3728c475fee09b2224 to your computer and use it in GitHub Desktop.
A minimal IAM policy for usage in CICD giving access to a single bucket and allowing for CloudFront invalidations
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": "s3:*", | |
| "Resource": [ | |
| "arn:aws:s3:::your_website.com", | |
| "arn:aws:s3:::your_website.com/*" | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "cloudfront:CreateInvalidation", | |
| "cloudfront:GetInvalidation", | |
| "cloudfront:ListInvalidations" | |
| ], | |
| "Resource": "*" | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment