To deploy AUTOMATE LIGHT, AUTOMATE READ ONLY & AUTOMATE+ it is a requirement to be logged into the appropriate AWS account with one of the two methods:
...
| Code Block | ||
|---|---|---|
| ||
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Statement1",
"Effect": "Allow",
"Action": [
"s3:GetObject",
"iamsns:ListRolesListTopics",
"iamcloudformation:GetRole*",
"iamwellarchitected:CreateRole*",
"iamsecurityhub:PutRolePolicy*",
"snsconfig:ListTopics*",
"cloudformation:*"],
"wellarchitected:*","Resource": [
"securityhub:*",
]
"config:*" },
],{
"ResourceSid": "Statement2",
[ "Effect": "Allow",
"*" "Action": [
] }, "iam:ListRoles",
{ "Sid": "Statement2iam:GetRole",
"Effect": "Allowiam:CreateRole",
"Action": [iam:PutRolePolicy",
"iam:DeleteRole",
"iam:DeleteRolePolicy",
"iam:DetachRolePolicy",
"iam:GetRolePolicy",
"iam:ListRolePolicies"
],
"Resource": [
"arn:aws:iam::*:role/SO0111*",
"arn:aws:iam::*:role/six-pillars*"
]
}
]
} |
...