Skip to content

Commit

Permalink
Fix: Alarm api_unauthorized for HeadBucket/Object from AssumedRole az…
Browse files Browse the repository at this point in the history 
…ul-gitlab (#6141)
  • Loading branch information
@dsotirho-ucsc
dsotirho-ucsc committed Apr 9, 2024
1 parent 20ee084 commit 6da2f86
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion terraform/gitlab/gitlab.tf.json.template.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -345,7 +345,10 @@ def qq(*words):
'edu-ucsc-gi-azul-*',
'*.azul.data.humancellatlas.org',
]
)
) + [
f'amazon-ssm-packages-{aws.region_name}',
f'aws-ssm-document-attachments-{aws.region_name}'
]
)
},

Expand Down Expand Up @@ -949,7 +952,9 @@ def qq(*words):
's3:HeadObject'
],
'resources': [
f'arn:aws:s3:::amazon-ssm-packages-{aws.region_name}',
f'arn:aws:s3:::amazon-ssm-packages-{aws.region_name}/*',
f'arn:aws:s3:::aws-ssm-document-attachments-{aws.region_name}',
f'arn:aws:s3:::aws-ssm-document-attachments-{aws.region_name}/*'
]
}
Expand Down

0 comments on commit 6da2f86

Please sign in to comment.