Skip to content

Commit

Permalink
update domains broker to do GetServerCertificate on all IAM certifica…
Browse files Browse the repository at this point in the history 
…te resources in the same account (#1723)
  • Loading branch information
@markdboyd
markdboyd authored Aug 8, 2024
1 parent c589ddb commit e5119d8
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions terraform/stacks/main/domains_broker.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -418,7 +418,6 @@ resource "aws_iam_policy" "domains_broker" {
{
"Effect": "Allow",
"Action": [
"iam:GetServerCertificate",
"iam:UploadServerCertificate",
"iam:DeleteServerCertificate"
],
Expand All @@ -429,10 +428,11 @@ resource "aws_iam_policy" "domains_broker" {
{
"Effect": "Allow",
"Action": [
"iam:GetServerCertificate",
"iam:ListServerCertificates"
],
"Resource": [
"*"
"arn:${data.aws_partition.current.partition}:iam::${data.aws_caller_identity.current.account_id}:server-certificate/*"
]
},
{
Expand Down

0 comments on commit e5119d8

Please sign in to comment.