@jaypie/constructs 1.2.26 → 1.2.28
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/index.cjs +6 -5
- package/dist/cjs/index.cjs.map +1 -1
- package/dist/esm/index.js +6 -5
- package/dist/esm/index.js.map +1 -1
- package/package.json +1 -1
package/dist/esm/index.js
CHANGED
|
@@ -3008,18 +3008,18 @@ class JaypieGitHubDeployRole extends Construct {
|
|
|
3008
3008
|
actions: [
|
|
3009
3009
|
"cloudformation:CreateStack",
|
|
3010
3010
|
"cloudformation:DeleteStack",
|
|
3011
|
-
"cloudformation:
|
|
3012
|
-
"cloudformation:DescribeStackResource",
|
|
3013
|
-
"cloudformation:DescribeStackResources",
|
|
3014
|
-
"cloudformation:DescribeStacks",
|
|
3011
|
+
"cloudformation:Describe*",
|
|
3015
3012
|
"cloudformation:GetTemplate",
|
|
3016
3013
|
"cloudformation:SetStackPolicy",
|
|
3017
3014
|
"cloudformation:UpdateStack",
|
|
3018
3015
|
"cloudformation:ValidateTemplate",
|
|
3016
|
+
"ec2:Describe*",
|
|
3019
3017
|
"iam:PassRole",
|
|
3020
3018
|
"route53:ListHostedZones*",
|
|
3021
|
-
"s3:GetObject",
|
|
3019
|
+
"s3:GetObject", // TODO: this should be restricted by bucket
|
|
3022
3020
|
"s3:ListBucket",
|
|
3021
|
+
"ssm:GetParameter",
|
|
3022
|
+
"ssm:GetParameters",
|
|
3023
3023
|
],
|
|
3024
3024
|
effect: Effect.ALLOW,
|
|
3025
3025
|
resources: ["*"],
|
|
@@ -3030,6 +3030,7 @@ class JaypieGitHubDeployRole extends Construct {
|
|
|
3030
3030
|
resources: [
|
|
3031
3031
|
"arn:aws:iam::*:role/cdk-hnb659fds-deploy-role-*",
|
|
3032
3032
|
"arn:aws:iam::*:role/cdk-hnb659fds-file-publishing-*",
|
|
3033
|
+
"arn:aws:iam::*:role/cdk-hnb659fds-lookup-role-*",
|
|
3033
3034
|
"arn:aws:iam::*:role/cdk-readOnlyRole",
|
|
3034
3035
|
],
|
|
3035
3036
|
}));
|