-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[no ci] Data update on 2025-01-09T04:08:48
- Loading branch information
Showing
6 changed files
with
1,603 additions
and
225 deletions.
There are no files selected for viewing
348 changes: 348 additions & 0 deletions
348
data/json/AWSApplicationMigrationEC2Access/v5/policy.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,348 @@ | ||
| { | ||
| "Version": "2012-10-17", | ||
| "Statement": [ | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": "iam:PassRole", | ||
| "Resource": [ | ||
| "arn:aws:iam::*:role/service-role/AWSApplicationMigrationConversionServerRole" | ||
| ], | ||
| "Condition": { | ||
| "StringEquals": { | ||
| "iam:PassedToService": "ec2.amazonaws.com" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:DeleteSnapshot" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:snapshot/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:ResourceTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:DescribeSnapshots", | ||
| "ec2:DescribeImages", | ||
| "ec2:DescribeVolumes" | ||
| ], | ||
| "Resource": "*", | ||
| "Condition": { | ||
| "ForAnyValue:StringEquals": { | ||
| "aws:CalledVia": [ | ||
| "mgn.amazonaws.com" | ||
| ] | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:CreateLaunchTemplateVersion", | ||
| "ec2:ModifyLaunchTemplate", | ||
| "ec2:DeleteLaunchTemplateVersions" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:launch-template/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:ResourceTag/AWSApplicationMigrationServiceManaged": "false" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:CreateLaunchTemplate" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:launch-template/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:RequestTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "ForAnyValue:StringEquals": { | ||
| "aws:CalledVia": [ | ||
| "mgn.amazonaws.com" | ||
| ] | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:DeleteLaunchTemplate" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:launch-template/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:ResourceTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "ForAnyValue:StringEquals": { | ||
| "aws:CalledVia": [ | ||
| "mgn.amazonaws.com" | ||
| ] | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:DeleteVolume" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:volume/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:ResourceTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:StartInstances", | ||
| "ec2:StopInstances", | ||
| "ec2:TerminateInstances", | ||
| "ec2:ModifyInstanceAttribute", | ||
| "ec2:GetConsoleOutput", | ||
| "ec2:GetConsoleScreenshot" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:instance/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:ResourceTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:RevokeSecurityGroupEgress", | ||
| "ec2:AuthorizeSecurityGroupIngress", | ||
| "ec2:AuthorizeSecurityGroupEgress" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:security-group/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:ResourceTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:CreateVolume" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:volume/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:RequestTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": "ec2:CreateSecurityGroup", | ||
| "Resource": "arn:aws:ec2:*:*:vpc/*" | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:CreateSecurityGroup" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:security-group/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:RequestTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:CreateSnapshot" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:volume/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "ec2:ResourceTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:CreateSnapshot" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:snapshot/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:RequestTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:DetachVolume", | ||
| "ec2:AttachVolume" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:instance/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "ec2:ResourceTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:AttachVolume" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:volume/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "ec2:ResourceTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:DetachVolume" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:volume/*", | ||
| "Condition": { | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:RunInstances" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:instance/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:RequestTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:RunInstances" | ||
| ], | ||
| "Resource": [ | ||
| "arn:aws:ec2:*:*:security-group/*", | ||
| "arn:aws:ec2:*:*:volume/*", | ||
| "arn:aws:ec2:*:*:subnet/*", | ||
| "arn:aws:ec2:*:*:image/*", | ||
| "arn:aws:ec2:*:*:network-interface/*", | ||
| "arn:aws:ec2:*:*:launch-template/*" | ||
| ], | ||
| "Condition": { | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": "ec2:CreateTags", | ||
| "Resource": [ | ||
| "arn:aws:ec2:*:*:security-group/*", | ||
| "arn:aws:ec2:*:*:volume/*", | ||
| "arn:aws:ec2:*:*:snapshot/*", | ||
| "arn:aws:ec2:*:*:instance/*", | ||
| "arn:aws:ec2:*:*:launch-template/*" | ||
| ], | ||
| "Condition": { | ||
| "StringEquals": { | ||
| "ec2:CreateAction": [ | ||
| "CreateSecurityGroup", | ||
| "CreateVolume", | ||
| "CreateSnapshot", | ||
| "RunInstances", | ||
| "CreateLaunchTemplate" | ||
| ] | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:CreateTags", | ||
| "ec2:ModifyVolume" | ||
| ], | ||
| "Resource": [ | ||
| "arn:aws:ec2:*:*:volume/*" | ||
| ], | ||
| "Condition": { | ||
| "Null": { | ||
| "ec2:ResourceTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "ec2:CreateVolume" | ||
| ], | ||
| "Resource": "arn:aws:ec2:*:*:snapshot/*", | ||
| "Condition": { | ||
| "Null": { | ||
| "aws:ResourceTag/AWSApplicationMigrationServiceManaged": "false" | ||
| }, | ||
| "Bool": { | ||
| "aws:ViaAWSService": "true" | ||
| } | ||
| } | ||
| } | ||
| ] | ||
| } |
Oops, something went wrong.