AWS policies required by Buddy
This is the list of policies that need to be checked in order to make Buddy work properly with the AWS services.
Amazon S3
s3:ListAllMyBucketss3:GetObjects3:PutObjects3:PutObjectAcl (required for Public flag)s3:DeleteObjects3:ListBucket
CloudFront
cloudfront:ListDistributionscloudfront:CreateInvalidation
CodeDeploy
codedeploy:ListApplicationscodedeploy:ListDeploymentGroupscodedeploy:ListDeploymentConfigscodedeploy:CreateDeploymentcodedeploy:GetDeploymentcodedeploy:GetDeploymentConfigcodedeploy:GetApplicationRevisioncodedeploy:RegisterApplicationRevisions3:ListBuckets3:ListObjectss3:CreateBuckets3:PutObject
ECR
ecr:CreateRepositoryecr:DescribeRepositoriesecr:GetAuthorizationTokenecr:BatchCheckLayerAvailabilityecr:CompleteLayerUploadecr:InitiateLayerUploadecr:PutImageecr:UploadLayerPart
EKS
eks:ListClusterseks:DescribeCluster
Elastic Beanstalk
If you use auto-scaling or load balancing you may need additional permissions. If you’re not sure which permissions to set, check
AWSElasticBeanstalkFullAcces.
elasticbeanstalk:DescribeApplicationselasticbeanstalk:DescribeEnvironmentselasticbeanstalk:CreateApplicationVersionelasticbeanstalk:DescribeApplicationVersionselasticbeanstalk:UpdateApplicationelasticbeanstalk:UpdateEnvironmentelasticbeanstalk:UpdateApplicationVersions3:CreateBuckets3:PutObjects3:GetObjects3:GetObjectAcls3:ListBuckets3:ListBucketscloudformation:GetTemplatecloudformation:ListStackResources
Elastic Beanstalk Monitoring
elasticbeanstalk:DescribeApplicationselasticbeanstalk:DescribeEnvironmentselasticbeanstalk:DescribeEnvironmentHealth
Lambda
lambda:ListFunctionslambda:InvokeFunctionlambda:UpdateFunctionCode
EC2 Container Services
ecs:ListClustersecs:ListServicesecs:RegisterTaskDefinitionecs:DescribeServicesecs:UpdateService
GitHub
Bitbucket
Email