Project

General

Profile

Actions
Copy link

Bug #12

open

[SEC] modification policy codepipeline

Added by UserName LastName 10 months ago. Updated 7 months ago.

Status:
In Progress
Priority:
Normal
Assignee:
John Doe
Start date:
Due date:
% Done:

0%

Estimated time:
(Total: 0:00 h)

Description

Il faudrait modifier la policy de create_ami et deliver_ami pour ne pas autoriser tout les S3

data "aws_iam_policy_document" "codepipeline_policy" {
  statement {
    actions = [
      "s3:*",
      "codecommit:*",
      "codebuild:BatchGetBuilds",
      "codebuild:StartBuild" 
    ]
    resources = [
      "*",
    ]
  }
}

Subtasks 3 (3 open0 closed)

Bug #18: [SEC] Mettre à jour la politique IAM pour restreindre l'accès S3New

Actions
Bug #19: [TEST] Valider la nouvelle politique IAM en environnement de testNew

Actions
Bug #20: [PROD] Déployer la politique IAM sécurisée en productionNew

Actions
Actions
Copy link

Also available in: Atom PDF