100daysofdevops
/ cloudwatchpolicy.json
Created
February 22, 2019 17:15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Sid": "VisualEditor0", | |
| "Effect": "Allow", | |
| "Action": [ | |
| "logs:CreateLogStream", | |
| "logs:PutLogEvents" | |
| ], |
100daysofdevops
/ Stoplogging
Created
February 22, 2019 06:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Sid": "VisualEditor0", | |
| "Effect": "Deny", | |
| "Action": "cloudtrail:StopLogging", | |
| "Resource": "arn:aws:cloudtrail:us-west-2:123456789:trail/mytestcloudtrail" | |
| } | |
| ] |
100daysofdevops
/ s3bucketpolicy.tf
Created
February 22, 2019 05:12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| provider "aws" { | |
| region = "us-west-2" | |
| } | |
| resource "aws_s3_bucket_policy" "b" { | |
| bucket = "mytests3bucket" | |
| policy = <<POLICY | |
| { | |
| "Version": "2012-10-17", | |
| "Id": "MYBUCKETPOLICY", |
100daysofdevops
/ s3bucketpolicy.json
Created
February 22, 2019 04:58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Id": "Policy1550810272864", | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Sid": "Stmt1550810271230", | |
| "Action": [ | |
| "s3:GetObject", | |
| "s3:PutObject" |
100daysofdevops
/ s3bucketpolicy.json
Created
February 22, 2019 04:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Id": "Policy1550810272864", | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Sid": "Stmt1550810271230", | |
| "Action": [ | |
| "s3:GetObject", | |
| "s3:PutObject" |
100daysofdevops
/ t2userrestrcition.tf
Created
February 20, 2019 21:11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| provider "aws" { | |
| region = "us-west-2" | |
| } | |
| resource "aws_iam_user" "my-user" { | |
| name = "my-test-user" | |
| } | |
| resource "aws_iam_policy" "t2-instance-restricition-policy" { | |
| name = "t2-instance-restricition-policy" |
100daysofdevops
/ full_policy_with_t2.restriction
Created
February 20, 2019 20:10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Sid": "VisualEditor0", | |
| "Effect": "Allow", | |
| "Action": [ | |
| "ec2:RunInstances", | |
| "ec2:GetConsoleScreenshot" | |
| ], |
100daysofdevops
/ ec2-t2-restrict-policy
Created
February 20, 2019 19:33
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Sid": "VisualEditor0", | |
| "Effect": "Allow", | |
| "Action": [ | |
| "ec2:RunInstances", | |
| "ec2:GetConsoleScreenshot" | |
| ], |
100daysofdevops
/ gist:7336cfdec779b38718d49d4603cf8432
Created
February 20, 2019 05:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": "s3:ListAllMyBuckets", | |
| "Resource": "*" | |
| }, | |
| { | |
| "Effect": "Allow", |
100daysofdevops
/ stsassumerole
Created
February 20, 2019 02:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": { | |
| "Effect": "Allow", | |
| "Action": "sts:AssumeRole", | |
| "Resource": "arn:aws:iam::PRODUCTION-ACCOUNT-ID:role/UpdateApp" <-- Update the IAM Role we created for Account A | |
| } | |
| } |