Skip to content

Commit

Permalink
Correctly set actions in bucket access policy
Browse files Browse the repository at this point in the history
  • Loading branch information
@gi-erre
gi-erre committed Nov 2, 2023
1 parent 5a5a0b1 commit 8ec33e1
Show file tree
Hide file tree
Showing 4 changed files with 8 additions and 8 deletions.
4 changes: 2 additions & 2 deletions templates_cloudlogs/CloudLogs.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,14 +71,14 @@ Resources:
- Sid: "CloudlogsS3AccessGet"
Effect: "Allow"
Action:
- "s3:Get*"
- "s3:List*"
Resource:
- !Sub '${BucketARN}'
- !Sub '${BucketARN}/*'
- Sid: "CloudlogsS3AccessList"
Effect: "Allow"
Action:
- "s3:List*"
- "s3:Get*"
Resource:
- !Sub '${BucketARN}/AWSLogs/${AccountID}'
- !Sub '${BucketARN}/AWSLogs/${AccountID}/*'
Expand Down
4 changes: 2 additions & 2 deletions templates_cloudlogs/OrgCloudLogs.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,14 +78,14 @@ Resources:
- Sid: "CloudlogsS3AccessGet"
Effect: "Allow"
Action:
- "s3:Get*"
- "s3:List*"
Resource:
- !Sub '${BucketARN}'
- !Sub '${BucketARN}/*'
- Sid: "CloudlogsS3AccessList"
Effect: "Allow"
Action:
- "s3:List*"
- "s3:Get*"
Resource:
- !Sub '${BucketARN}/AWSLogs/${AccountID}'
- !Sub '${BucketARN}/AWSLogs/${AccountID}/*'
Expand Down
4 changes: 2 additions & 2 deletions templates_cspm_cloudlogs/FullInstall.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,14 +91,14 @@ Resources:
- Sid: "CloudlogsS3AccessGet"
Effect: "Allow"
Action:
- "s3:Get*"
- "s3:List*"
Resource:
- !Sub '${BucketARN}'
- !Sub '${BucketARN}/*'
- Sid: "CloudlogsS3AccessList"
Effect: "Allow"
Action:
- "s3:List*"
- "s3:Get*"
Resource:
- !Sub '${BucketARN}/AWSLogs/${AccountID}'
- !Sub '${BucketARN}/AWSLogs/${AccountID}/*'
Expand Down
4 changes: 2 additions & 2 deletions templates_cspm_cloudlogs/OrgFullInstall.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,14 +96,14 @@ Resources:
- Sid: "CloudlogsS3AccessGet"
Effect: "Allow"
Action:
- "s3:Get*"
- "s3:List*"
Resource:
- !Sub '${BucketARN}'
- !Sub '${BucketARN}/*'
- Sid: "CloudlogsS3AccessList"
Effect: "Allow"
Action:
- "s3:List*"
- "s3:Get*"
Resource:
- !Sub '${BucketARN}/AWSLogs/${AccountID}'
- !Sub '${BucketARN}/AWSLogs/${AccountID}/*'
Expand Down

0 comments on commit 8ec33e1

Please sign in to comment.