@devramps/cli 0.1.16 → 0.1.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +19 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -2030,7 +2030,9 @@ function buildOrgRolePolicies(orgSlug) {
|
|
|
2030
2030
|
Action: [
|
|
2031
2031
|
"kms:Encrypt",
|
|
2032
2032
|
"kms:Decrypt",
|
|
2033
|
-
"kms:GenerateDataKey*"
|
|
2033
|
+
"kms:GenerateDataKey*",
|
|
2034
|
+
"kms:DescribeKey",
|
|
2035
|
+
"kms:CreateGrant"
|
|
2034
2036
|
],
|
|
2035
2037
|
Resource: "*",
|
|
2036
2038
|
Condition: {
|
|
@@ -2077,6 +2079,22 @@ function buildOrgRolePolicies(orgSlug) {
|
|
|
2077
2079
|
"s3:GetBucketLocation"
|
|
2078
2080
|
],
|
|
2079
2081
|
Resource: "*"
|
|
2082
|
+
},
|
|
2083
|
+
{
|
|
2084
|
+
Sid: "AllowSecretsManagerOperations",
|
|
2085
|
+
Effect: "Allow",
|
|
2086
|
+
Action: [
|
|
2087
|
+
"secretsmanager:CreateSecret",
|
|
2088
|
+
"secretsmanager:GetSecretValue",
|
|
2089
|
+
"secretsmanager:PutSecretValue",
|
|
2090
|
+
"secretsmanager:UpdateSecret",
|
|
2091
|
+
"secretsmanager:DeleteSecret",
|
|
2092
|
+
"secretsmanager:DescribeSecret",
|
|
2093
|
+
"secretsmanager:TagResource"
|
|
2094
|
+
],
|
|
2095
|
+
Resource: {
|
|
2096
|
+
"Fn::Sub": "arn:aws:secretsmanager:*:${AWS::AccountId}:secret:devramps/*"
|
|
2097
|
+
}
|
|
2080
2098
|
}
|
|
2081
2099
|
]
|
|
2082
2100
|
}
|