Skip to content

Commit

Permalink
test/open/fence-mapping-fix/ (#100)
Browse files Browse the repository at this point in the history 
# Updating security policies 
* allow dictionary resource to pull fence_mapping.json from s3
  • Loading branch information
@TDeSain
TDeSain authored Oct 23, 2023
1 parent f05f16a commit 53d4695
Showing 1 changed file with 8 additions and 1 deletion.
9 changes: 8 additions & 1 deletion app-infrastructure/s3_roles.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -435,6 +435,12 @@ resource "aws_iam_role_policy" "dictionary-deployment-s3-policy" {
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::${var.stack_s3_bucket}/releases/jenkins_pipeline_build_${var.stack_githash_long}/pic-sure-hpds-dictionary-resource.tar.gz"
},{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::${var.stack_s3_bucket}/data/${var.dataset_s3_object_key}/fence_mapping.json"
},{
"Action": [
"s3:ListBucket"
Expand All @@ -444,7 +450,8 @@ resource "aws_iam_role_policy" "dictionary-deployment-s3-policy" {
"Condition": {
"StringLike": {
"s3:prefix": [
"releases/jenkins_pipeline_build_${var.stack_githash_long}/*"
"releases/jenkins_pipeline_build_${var.stack_githash_long}/*",
"data/${var.dataset_s3_object_key}/*"
]
}
}
Expand Down

0 comments on commit 53d4695

Please sign in to comment.