aws_pocketknife 0.1.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +11 -0
- data/.rspec +2 -0
- data/.ruby-gemset +1 -0
- data/.ruby-version +1 -0
- data/.travis.yml +1 -0
- data/CODE_OF_CONDUCT.md +49 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +21 -0
- data/README.md +115 -0
- data/Rakefile +22 -0
- data/aws_pocketknife.gemspec +40 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/cert/ca-bundle.crt +3988 -0
- data/exe/pocketknife +5 -0
- data/lib/aws_pocketknife.rb +88 -0
- data/lib/aws_pocketknife/admin/policies/developer_dev_acc.json +10 -0
- data/lib/aws_pocketknife/admin/policies/developer_prd_acc.json +15 -0
- data/lib/aws_pocketknife/admin/policies/tc_devops.json.erb +207 -0
- data/lib/aws_pocketknife/admin/policies/tester_dev_acc.json +176 -0
- data/lib/aws_pocketknife/admin/policies/tester_prd_acc.json +176 -0
- data/lib/aws_pocketknife/admin/policies/web_front_end.json.erb +59 -0
- data/lib/aws_pocketknife/admin/trust_relationships/ec2.json +13 -0
- data/lib/aws_pocketknife/asg.rb +56 -0
- data/lib/aws_pocketknife/cli/ami.rb +24 -0
- data/lib/aws_pocketknife/cli/asg.rb +40 -0
- data/lib/aws_pocketknife/cli/eb.rb +49 -0
- data/lib/aws_pocketknife/cli/ec2.rb +61 -0
- data/lib/aws_pocketknife/cli/elb.rb +20 -0
- data/lib/aws_pocketknife/cli/iam.rb +31 -0
- data/lib/aws_pocketknife/cli/main.rb +34 -0
- data/lib/aws_pocketknife/cli/rds.rb +13 -0
- data/lib/aws_pocketknife/cli/rds_snapshot.rb +44 -0
- data/lib/aws_pocketknife/cli/route53.rb +56 -0
- data/lib/aws_pocketknife/cloudwatch_logs.rb +25 -0
- data/lib/aws_pocketknife/common/logging.rb +31 -0
- data/lib/aws_pocketknife/common/utils.rb +63 -0
- data/lib/aws_pocketknife/ec2.rb +308 -0
- data/lib/aws_pocketknife/elastic_beanstalk.rb +62 -0
- data/lib/aws_pocketknife/elb.rb +25 -0
- data/lib/aws_pocketknife/iam.rb +135 -0
- data/lib/aws_pocketknife/rds.rb +84 -0
- data/lib/aws_pocketknife/route53.rb +234 -0
- data/lib/aws_pocketknife/tasks/asg.rake +18 -0
- data/lib/aws_pocketknife/tasks/cloudwatch.rake +12 -0
- data/lib/aws_pocketknife/tasks/ec2.rake +57 -0
- data/lib/aws_pocketknife/tasks/elastic_beanstalk.rake +25 -0
- data/lib/aws_pocketknife/tasks/elb.rake +13 -0
- data/lib/aws_pocketknife/tasks/iam.rake +57 -0
- data/lib/aws_pocketknife/tasks/route53.rake +64 -0
- data/lib/aws_pocketknife/version.rb +3 -0
- metadata +284 -0
data/exe/pocketknife
ADDED
@@ -0,0 +1,88 @@
|
|
1
|
+
require 'aws_pocketknife/version'
|
2
|
+
require 'aws-sdk-core'
|
3
|
+
|
4
|
+
require 'aws_pocketknife/common/utils'
|
5
|
+
require 'aws_pocketknife/common/logging'
|
6
|
+
|
7
|
+
require 'aws_pocketknife/iam'
|
8
|
+
require 'aws_pocketknife/ec2'
|
9
|
+
require 'aws_pocketknife/route53'
|
10
|
+
require 'aws_pocketknife/asg'
|
11
|
+
require 'aws_pocketknife/cloudwatch_logs'
|
12
|
+
require 'aws_pocketknife/elastic_beanstalk'
|
13
|
+
require 'aws_pocketknife/elb'
|
14
|
+
require 'aws_pocketknife/rds'
|
15
|
+
|
16
|
+
require 'aws_pocketknife/cli/iam'
|
17
|
+
require 'aws_pocketknife/cli/asg'
|
18
|
+
require 'aws_pocketknife/cli/elb'
|
19
|
+
require 'aws_pocketknife/cli/ec2'
|
20
|
+
require 'aws_pocketknife/cli/ami'
|
21
|
+
require 'aws_pocketknife/cli/eb'
|
22
|
+
require 'aws_pocketknife/cli/route53'
|
23
|
+
require 'aws_pocketknife/cli/rds_snapshot'
|
24
|
+
require 'aws_pocketknife/cli/rds'
|
25
|
+
require 'aws_pocketknife/cli/main'
|
26
|
+
|
27
|
+
module AwsPocketknife
|
28
|
+
extend self
|
29
|
+
|
30
|
+
AWS_REGION = ENV['AWS_REGION'] || 'ap-southeast-2'
|
31
|
+
AWS_PROFILE = ENV['AWS_PROFILE'] || nil
|
32
|
+
|
33
|
+
class << self
|
34
|
+
|
35
|
+
def cloudwatch_logs_client
|
36
|
+
@cloudwatch_logs_client ||= Aws::CloudWatchLogs::Client.new(get_client_options)
|
37
|
+
end
|
38
|
+
|
39
|
+
def cf_client
|
40
|
+
@cloud_formation_client ||= Aws::CloudFormation::Client.new(get_client_options)
|
41
|
+
end
|
42
|
+
|
43
|
+
def s3_client
|
44
|
+
@s3_client ||= Aws::S3::Client.new(get_client_options)
|
45
|
+
end
|
46
|
+
|
47
|
+
def elb_client
|
48
|
+
@elb_client ||= Aws::ElasticLoadBalancing::Client.new(get_client_options)
|
49
|
+
end
|
50
|
+
|
51
|
+
def asg_client
|
52
|
+
@asg_client ||= Aws::AutoScaling::Client.new(get_client_options)
|
53
|
+
end
|
54
|
+
|
55
|
+
def elastic_beanstalk_client
|
56
|
+
@elastic_beanstalk_client ||= Aws::ElasticBeanstalk::Client.new(get_client_options)
|
57
|
+
end
|
58
|
+
|
59
|
+
def iam_client
|
60
|
+
@iam_client ||= Aws::IAM::Client.new(get_client_options)
|
61
|
+
end
|
62
|
+
|
63
|
+
def rds_client
|
64
|
+
@rds_client ||= Aws::RDS::Client.new(get_client_options)
|
65
|
+
end
|
66
|
+
|
67
|
+
def ec2_client
|
68
|
+
@ec2_client ||= Aws::EC2::Client.new(get_client_options)
|
69
|
+
end
|
70
|
+
|
71
|
+
def route53_client
|
72
|
+
@route53_client ||= Aws::Route53::Client.new(get_client_options)
|
73
|
+
end
|
74
|
+
|
75
|
+
private
|
76
|
+
|
77
|
+
def get_client_options
|
78
|
+
if AWS_PROFILE.nil?
|
79
|
+
return { retry_limit: 5, region: AWS_REGION }
|
80
|
+
else
|
81
|
+
credentials = Aws::SharedCredentials.new(profile_name: AWS_PROFILE)
|
82
|
+
return { retry_limit: 5, region: AWS_REGION, credentials: credentials }
|
83
|
+
end
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
87
|
+
|
88
|
+
|
@@ -0,0 +1,207 @@
|
|
1
|
+
{
|
2
|
+
"Version": "2012-10-17",
|
3
|
+
"Statement": [
|
4
|
+
{
|
5
|
+
"Effect": "Allow",
|
6
|
+
"Action": [
|
7
|
+
"route53:ListHostedZones",
|
8
|
+
"route53:ChangeResourceRecordSets",
|
9
|
+
"route53:ListResourceRecordSets",
|
10
|
+
"route53:CreateHostedZone",
|
11
|
+
"route53:DeleteHostedZone",
|
12
|
+
"route53:GetHostedZone",
|
13
|
+
"route53:GetChange"
|
14
|
+
],
|
15
|
+
"Resource": "*"
|
16
|
+
},
|
17
|
+
{
|
18
|
+
"Effect": "Allow",
|
19
|
+
"Action": [
|
20
|
+
"cloudwatch:PutMetricData",
|
21
|
+
"logs:CreateLogGroup",
|
22
|
+
"logs:DeleteLogGroup",
|
23
|
+
"logs:CreateLogStream",
|
24
|
+
"logs:DescribeLogGroups",
|
25
|
+
"logs:DescribeLogStreams",
|
26
|
+
"logs:PutRetentionPolicy",
|
27
|
+
"logs:PutLogEvents"
|
28
|
+
],
|
29
|
+
"Resource": "*"
|
30
|
+
},
|
31
|
+
{
|
32
|
+
"Action": [
|
33
|
+
"iam:GetRole",
|
34
|
+
"iam:GetUser",
|
35
|
+
"iam:ListRoles",
|
36
|
+
"iam:AddRoleToInstanceProfile",
|
37
|
+
"iam:ListAttachedRolePolicies",
|
38
|
+
"iam:CreateRole",
|
39
|
+
"iam:DeleteRole",
|
40
|
+
"iam:CreateInstanceProfile",
|
41
|
+
"iam:PutRolePolicy",
|
42
|
+
"iam:DeleteRolePolicy",
|
43
|
+
"iam:RemoveRoleFromInstanceProfile",
|
44
|
+
"iam:DeleteInstanceProfile",
|
45
|
+
"iam:PassRole",
|
46
|
+
"iam:UpdateAssumeRolePolicy"
|
47
|
+
],
|
48
|
+
"Effect": "Allow",
|
49
|
+
"Resource": [
|
50
|
+
"*"
|
51
|
+
]
|
52
|
+
},
|
53
|
+
{
|
54
|
+
"Action": [
|
55
|
+
"s3:*"
|
56
|
+
],
|
57
|
+
"Effect": "Allow",
|
58
|
+
"Resource": [
|
59
|
+
<% buckets.first(buckets.length-1).each do |bucket| %>
|
60
|
+
"<%= bucket %>",
|
61
|
+
<% end %>
|
62
|
+
"<%= buckets.reverse[0] %>"
|
63
|
+
]
|
64
|
+
},
|
65
|
+
{
|
66
|
+
"Action": [
|
67
|
+
"ec2:DeleteSnapshot",
|
68
|
+
"ec2:DescribeSnapshots",
|
69
|
+
"ec2:AllocateAddress",
|
70
|
+
"ec2:CreateKeyPair",
|
71
|
+
"ec2:AssociateAddress",
|
72
|
+
"ec2:AssociateRouteTable",
|
73
|
+
"ec2:AttachInternetGateway",
|
74
|
+
"ec2:AttachVpnGateway",
|
75
|
+
"ec2:AuthorizeSecurityGroupEgress",
|
76
|
+
"ec2:CreateInternetGateway",
|
77
|
+
"ec2:CreateNetworkAcl",
|
78
|
+
"ec2:CreateNetworkAclEntry",
|
79
|
+
"ec2:CreateImage",
|
80
|
+
"ec2:CreateRoute",
|
81
|
+
"ec2:CreateRouteTable",
|
82
|
+
"ec2:CreateSubnet",
|
83
|
+
"ec2:CreateVpc",
|
84
|
+
"ec2:DeleteInternetGateway",
|
85
|
+
"ec2:DeleteNetworkAcl",
|
86
|
+
"ec2:DeleteNetworkAclEntry",
|
87
|
+
"ec2:DeleteRoute",
|
88
|
+
"ec2:DeleteRouteTable",
|
89
|
+
"ec2:DeleteSubnet",
|
90
|
+
"ec2:DeleteTags",
|
91
|
+
"ec2:DeleteVpc",
|
92
|
+
"ec2:DetachVpnGateway",
|
93
|
+
"ec2:DescribeAddresses",
|
94
|
+
"ec2:DescribeAccountAttributes",
|
95
|
+
"ec2:DescribeSubnets",
|
96
|
+
"ec2:DescribeVpcAttribute",
|
97
|
+
"ec2:DescribeVpcs",
|
98
|
+
"ec2:DescribeInternetGateways",
|
99
|
+
"ec2:DescribeNetworkAcls",
|
100
|
+
"ec2:DescribeNetworkInterfaces",
|
101
|
+
"ec2:DescribeRouteTables",
|
102
|
+
"ec2:DescribeVpnGateways",
|
103
|
+
"ec2:DescribeTags",
|
104
|
+
"ec2:CreateTags",
|
105
|
+
"ec2:DescribeInstances",
|
106
|
+
"ec2:DescribeInstanceStatus",
|
107
|
+
"ec2:DeregisterImage",
|
108
|
+
"ec2:DetachInternetGateway",
|
109
|
+
"ec2:DisassociateAddress",
|
110
|
+
"ec2:DisassociateRouteTable",
|
111
|
+
"ec2:ModifyVpcAttribute",
|
112
|
+
"ec2:ModifyInstanceAttribute",
|
113
|
+
"ec2:ReleaseAddress",
|
114
|
+
"ec2:ReplaceNetworkAclAssociation",
|
115
|
+
"ec2:ReplaceNetworkAclEntry",
|
116
|
+
"ec2:ReplaceRouteTableAssociation",
|
117
|
+
"ec2:RevokeSecurityGroupEgress",
|
118
|
+
"ec2:RevokeSecurityGroupIngress",
|
119
|
+
"ec2:CreateKeyPair",
|
120
|
+
"ec2:CreateSecurityGroup",
|
121
|
+
"ec2:DeregisterImage",
|
122
|
+
"ec2:CreateTags",
|
123
|
+
"ec2:CreateVolume",
|
124
|
+
"ec2:DeleteSecurityGroup",
|
125
|
+
"ec2:DescribeAvailabilityZones",
|
126
|
+
"ec2:DescribeImageAttribute",
|
127
|
+
"ec2:DescribeImages",
|
128
|
+
"ec2:DescribeInstances",
|
129
|
+
"ec2:DescribeSecurityGroups",
|
130
|
+
"ec2:DetachVolume",
|
131
|
+
"ec2:EnableVolumeIO",
|
132
|
+
"ec2:GetConsoleOutput",
|
133
|
+
"ec2:GetPasswordData",
|
134
|
+
"ec2:ModifySnapshotAttribute",
|
135
|
+
"ec2:ModifyImageAttribute",
|
136
|
+
"ec2:ModifyVolumeAttribute",
|
137
|
+
"ec2:MonitorInstances",
|
138
|
+
"ec2:RebootInstances",
|
139
|
+
"ec2:ReportInstanceStatus",
|
140
|
+
"ec2:RunInstances",
|
141
|
+
"ec2:StartInstances",
|
142
|
+
"ec2:StopInstances",
|
143
|
+
"ec2:TerminateInstances",
|
144
|
+
"ec2:AuthorizeSecurityGroupIngress",
|
145
|
+
"ec2:AuthorizeSecurityGroupEgress"
|
146
|
+
],
|
147
|
+
"Effect": "Allow",
|
148
|
+
"Resource": "*"
|
149
|
+
},
|
150
|
+
{
|
151
|
+
"Effect": "Allow",
|
152
|
+
"Action": [
|
153
|
+
"rds:AuthorizeDBSecurityGroupIngress",
|
154
|
+
"rds:CreateDBInstance",
|
155
|
+
"rds:CreateDBInstanceReadReplica",
|
156
|
+
"rds:CreateDBParameterGroup",
|
157
|
+
"rds:CreateDBSecurityGroup",
|
158
|
+
"rds:CreateDBSnapshot",
|
159
|
+
"rds:DeleteDBInstance",
|
160
|
+
"rds:DeleteDBParameterGroup",
|
161
|
+
"rds:DeleteDBSecurityGroup",
|
162
|
+
"rds:DeleteDBSnapshot",
|
163
|
+
"rds:DescribeDBEngineVersions",
|
164
|
+
"rds:DescribeDBInstances",
|
165
|
+
"rds:DescribeDBParameterGroups",
|
166
|
+
"rds:DescribeDBParameters",
|
167
|
+
"rds:DescribeDBSecurityGroups",
|
168
|
+
"rds:DescribeDBSnapshots",
|
169
|
+
"rds:DescribeEvents",
|
170
|
+
"rds:ListTagsForResource",
|
171
|
+
"rds:ModifyDBInstance",
|
172
|
+
"rds:ModifyDBParameterGroup",
|
173
|
+
"rds:RebootDBInstance",
|
174
|
+
"rds:ResetDBParameterGroup",
|
175
|
+
"rds:RestoreDBInstanceFromDBSnapshot",
|
176
|
+
"rds:RestoreDBInstanceToPointInTime",
|
177
|
+
"rds:RevokeDBSecurityGroupIngress",
|
178
|
+
"rds:CreateDBSubnetGroup",
|
179
|
+
"rds:DescribeDBSubnetGroup",
|
180
|
+
"rds:DescribeDBSubnetGroups",
|
181
|
+
"rds:DeleteDBSubnetGroup",
|
182
|
+
"rds:AddTagsToResource"
|
183
|
+
],
|
184
|
+
"Resource": "*"
|
185
|
+
},
|
186
|
+
{
|
187
|
+
"Effect": "Allow",
|
188
|
+
"Action": "cloudformation:*",
|
189
|
+
"Resource": "*"
|
190
|
+
},
|
191
|
+
{
|
192
|
+
"Effect": "Allow",
|
193
|
+
"Action": "elasticloadbalancing:*",
|
194
|
+
"Resource": "*"
|
195
|
+
},
|
196
|
+
{
|
197
|
+
"Effect": "Allow",
|
198
|
+
"Action": "cloudwatch:*",
|
199
|
+
"Resource": "*"
|
200
|
+
},
|
201
|
+
{
|
202
|
+
"Effect": "Allow",
|
203
|
+
"Action": "autoscaling:*",
|
204
|
+
"Resource": "*"
|
205
|
+
}
|
206
|
+
]
|
207
|
+
}
|
@@ -0,0 +1,176 @@
|
|
1
|
+
{
|
2
|
+
"Version": "2012-10-17",
|
3
|
+
"Statement": [
|
4
|
+
{
|
5
|
+
"Action": [
|
6
|
+
"acm:DescribeCertificate",
|
7
|
+
"acm:GetCertificate",
|
8
|
+
"acm:ListCertificates",
|
9
|
+
"appstream:Get*",
|
10
|
+
"autoscaling:Describe*",
|
11
|
+
"cloudformation:DescribeStackEvents",
|
12
|
+
"cloudformation:DescribeStackResource",
|
13
|
+
"cloudformation:DescribeStackResources",
|
14
|
+
"cloudformation:DescribeStacks",
|
15
|
+
"cloudformation:GetTemplate",
|
16
|
+
"cloudformation:List*",
|
17
|
+
"cloudfront:Get*",
|
18
|
+
"cloudfront:List*",
|
19
|
+
"cloudsearch:Describe*",
|
20
|
+
"cloudsearch:List*",
|
21
|
+
"cloudtrail:DescribeTrails",
|
22
|
+
"cloudtrail:GetTrailStatus",
|
23
|
+
"cloudwatch:Describe*",
|
24
|
+
"cloudwatch:Get*",
|
25
|
+
"cloudwatch:List*",
|
26
|
+
"codecommit:BatchGetRepositories",
|
27
|
+
"codecommit:Get*",
|
28
|
+
"codecommit:GitPull",
|
29
|
+
"codecommit:List*",
|
30
|
+
"codedeploy:Batch*",
|
31
|
+
"codedeploy:Get*",
|
32
|
+
"codedeploy:List*",
|
33
|
+
"config:Deliver*",
|
34
|
+
"config:Describe*",
|
35
|
+
"config:Get*",
|
36
|
+
"datapipeline:DescribeObjects",
|
37
|
+
"datapipeline:DescribePipelines",
|
38
|
+
"datapipeline:EvaluateExpression",
|
39
|
+
"datapipeline:GetPipelineDefinition",
|
40
|
+
"datapipeline:ListPipelines",
|
41
|
+
"datapipeline:QueryObjects",
|
42
|
+
"datapipeline:ValidatePipelineDefinition",
|
43
|
+
"directconnect:Describe*",
|
44
|
+
"ds:Check*",
|
45
|
+
"ds:Describe*",
|
46
|
+
"ds:Get*",
|
47
|
+
"ds:List*",
|
48
|
+
"ds:Verify*",
|
49
|
+
"dynamodb:BatchGetItem",
|
50
|
+
"dynamodb:DescribeTable",
|
51
|
+
"dynamodb:GetItem",
|
52
|
+
"dynamodb:ListTables",
|
53
|
+
"dynamodb:Query",
|
54
|
+
"dynamodb:Scan",
|
55
|
+
"ec2:Describe*",
|
56
|
+
"ec2:GetConsoleOutput",
|
57
|
+
"ecr:GetAuthorizationToken",
|
58
|
+
"ecr:BatchCheckLayerAvailability",
|
59
|
+
"ecr:GetDownloadUrlForLayer",
|
60
|
+
"ecr:GetManifest",
|
61
|
+
"ecr:DescribeRepositories",
|
62
|
+
"ecr:ListImages",
|
63
|
+
"ecr:BatchGetImage",
|
64
|
+
"ecs:Describe*",
|
65
|
+
"ecs:List*",
|
66
|
+
"elasticache:Describe*",
|
67
|
+
"elasticache:List*",
|
68
|
+
"elasticbeanstalk:Check*",
|
69
|
+
"elasticbeanstalk:Describe*",
|
70
|
+
"elasticbeanstalk:List*",
|
71
|
+
"elasticbeanstalk:RequestEnvironmentInfo",
|
72
|
+
"elasticbeanstalk:RetrieveEnvironmentInfo",
|
73
|
+
"elasticloadbalancing:Describe*",
|
74
|
+
"elasticmapreduce:Describe*",
|
75
|
+
"elasticmapreduce:List*",
|
76
|
+
"elastictranscoder:List*",
|
77
|
+
"elastictranscoder:Read*",
|
78
|
+
"es:DescribeElasticsearchDomain",
|
79
|
+
"es:DescribeElasticsearchDomains",
|
80
|
+
"es:DescribeElasticsearchDomainConfig",
|
81
|
+
"es:ListDomainNames",
|
82
|
+
"es:ListTags",
|
83
|
+
"es:ESHttpGet",
|
84
|
+
"es:ESHttpHead",
|
85
|
+
"events:DescribeRule",
|
86
|
+
"events:ListRuleNamesByTarget",
|
87
|
+
"events:ListRules",
|
88
|
+
"events:ListTargetsByRule",
|
89
|
+
"events:TestEventPattern",
|
90
|
+
"firehose:Describe*",
|
91
|
+
"firehose:List*",
|
92
|
+
"glacier:ListVaults",
|
93
|
+
"glacier:DescribeVault",
|
94
|
+
"glacier:GetDataRetrievalPolicy",
|
95
|
+
"glacier:GetVaultAccessPolicy",
|
96
|
+
"glacier:GetVaultLock",
|
97
|
+
"glacier:GetVaultNotifications",
|
98
|
+
"glacier:ListJobs",
|
99
|
+
"glacier:ListMultipartUploads",
|
100
|
+
"glacier:ListParts",
|
101
|
+
"glacier:ListTagsForVault",
|
102
|
+
"glacier:DescribeJob",
|
103
|
+
"glacier:GetJobOutput",
|
104
|
+
"iam:GenerateCredentialReport",
|
105
|
+
"iam:Get*",
|
106
|
+
"iam:List*",
|
107
|
+
"inspector:Describe*",
|
108
|
+
"inspector:Get*",
|
109
|
+
"inspector:List*",
|
110
|
+
"inspector:LocalizeText",
|
111
|
+
"inspector:PreviewAgentsForResourceGroup",
|
112
|
+
"iot:Describe*",
|
113
|
+
"iot:Get*",
|
114
|
+
"iot:List*",
|
115
|
+
"kinesis:Describe*",
|
116
|
+
"kinesis:Get*",
|
117
|
+
"kinesis:List*",
|
118
|
+
"kms:Describe*",
|
119
|
+
"kms:Get*",
|
120
|
+
"kms:List*",
|
121
|
+
"lambda:List*",
|
122
|
+
"lambda:Get*",
|
123
|
+
"logs:Describe*",
|
124
|
+
"logs:Get*",
|
125
|
+
"logs:TestMetricFilter",
|
126
|
+
"machinelearning:Describe*",
|
127
|
+
"machinelearning:Get*",
|
128
|
+
"mobilehub:GetProject",
|
129
|
+
"mobilehub:ListAvailableFeatures",
|
130
|
+
"mobilehub:ListAvailableRegions",
|
131
|
+
"mobilehub:ListProjects",
|
132
|
+
"mobilehub:ValidateProject",
|
133
|
+
"mobilehub:VerifyServiceRole",
|
134
|
+
"opsworks:Describe*",
|
135
|
+
"opsworks:Get*",
|
136
|
+
"rds:Describe*",
|
137
|
+
"rds:ListTagsForResource",
|
138
|
+
"redshift:Describe*",
|
139
|
+
"redshift:ViewQueriesInConsole",
|
140
|
+
"route53:Get*",
|
141
|
+
"route53:List*",
|
142
|
+
"route53domains:CheckDomainAvailability",
|
143
|
+
"route53domains:GetDomainDetail",
|
144
|
+
"route53domains:GetOperationDetail",
|
145
|
+
"route53domains:ListDomains",
|
146
|
+
"route53domains:ListOperations",
|
147
|
+
"route53domains:ListTagsForDomain",
|
148
|
+
"s3:Get*",
|
149
|
+
"s3:List*",
|
150
|
+
"sdb:GetAttributes",
|
151
|
+
"sdb:List*",
|
152
|
+
"sdb:Select*",
|
153
|
+
"ses:Get*",
|
154
|
+
"ses:List*",
|
155
|
+
"sns:Get*",
|
156
|
+
"sns:List*",
|
157
|
+
"sqs:GetQueueAttributes",
|
158
|
+
"sqs:ListQueues",
|
159
|
+
"sqs:ReceiveMessage",
|
160
|
+
"storagegateway:Describe*",
|
161
|
+
"storagegateway:List*",
|
162
|
+
"swf:Count*",
|
163
|
+
"swf:Describe*",
|
164
|
+
"swf:Get*",
|
165
|
+
"swf:List*",
|
166
|
+
"tag:Get*",
|
167
|
+
"trustedadvisor:Describe*",
|
168
|
+
"waf:Get*",
|
169
|
+
"waf:List*",
|
170
|
+
"workspaces:Describe*"
|
171
|
+
],
|
172
|
+
"Effect": "Allow",
|
173
|
+
"Resource": "*"
|
174
|
+
}
|
175
|
+
]
|
176
|
+
}
|