remove CodeBuildRole

rrigato · Dec 17, 2023 · e2e803a · e2e803a
1 parent 93d36b3
commit e2e803a
Showing 1 changed file with 0 additions and 89 deletions.
diff --git a/templates/code_pipeline.yml b/templates/code_pipeline.yml
@@ -162,95 +162,6 @@ Resources:
             RunOrder: 1
 
 
-####################################
-#Role that will be assumed when
-#CodeBuild runs for dev
-#
-####################################
-  CodeBuildRole:
-    Type: AWS::IAM::Role
-    Properties:
-      AssumeRolePolicyDocument:
-        Statement:
-        - Action: ['sts:AssumeRole']
-          Effect: Allow
-          Principal:
-            Service: [codebuild.amazonaws.com]
-        Version: '2012-10-17'
-      ManagedPolicyArns:
-        - arn:aws:iam::aws:policy/AWSCloudFormationFullAccess
-        - arn:aws:iam::aws:policy/AWSCodeCommitPowerUser
-        - arn:aws:iam::aws:policy/CloudWatchLogsFullAccess
-      Path: /
-      Policies:
-          - PolicyName: CodeBuildCustomerManaged
-            PolicyDocument:
-              Version: "2012-10-17"
-              Statement:
-                - Sid: IAMallow
-                  Effect: Allow
-                  #######################################
-                  #Allowing lambda to perform a PutItem on
-                  #DynamoDB
-                  #
-                  #######################################
-                  Action:
-                    - iam:PassRole
-                    - iam:CreateRole
-                    - iam:DeleteRole
-                    - iam:GetRole
-                    - iam:UpdateAssumeRolePolicy
-                    - iam:DetachRolePolicy
-                    - iam:DeleteRolePolicy
-                    - iam:PutRolePolicy
-                    - iam:AttachRolePolicy
-                    - iam:TagRole
-                  Resource:
-                    - "*"
-                #######################
-                #Permissions needed for aws
-                #CodeBuild service to run
-                #######################
-                - Sid: S3WebsiteCreation
-                  Effect: Allow
-                  #######################################
-                  #Allowing CodeBuild to create
-                  #resources necessary for s3 static webpage
-                  #
-                  #######################################
-                  Action:
-                    - s3:CreateBucket
-                    - s3:DeleteBucket
-                    - s3:DeleteBucketPolicy
-                    - s3:DeleteObject
-                    - s3:GetBucketAcl
-                    - s3:GetBucketLocation
-                    - s3:GetObject
-                    - s3:GetObjectVersion
-                    - s3:ListBucket
-                    - s3:ListAllMyBuckets
-                    - s3:PutBucketCORS
-                    - s3:PutBucketPolicy
-                    - s3:PutBucketWebsite
-                    - s3:PutObject
-
-                  Resource:
-                    - "*"
-                #######################
-                #Permissions needed for aws
-                #CodeBuild to access client secrets
-                #######################
-                - Sid: SecretsManagerAccess
-                  Effect: Allow
-                  Action:
-                    - secretsmanager:GetSecretValue # pragma: allowlist secret
-                    - secretsmanager:UpdateSecret # pragma: allowlist secret
-                    - secretsmanager:DeleteSecret # pragma: allowlist secret
-                  Resource:
-                    - "*"
-
-
-
 
 ####################
 #Role assumed by cloudformation