
AUTOMATE+ (continuous compliance) AWS Cross Account Role Post-Deployment Permissions

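Post-Deployment Permissions

The permissions listed for the cross-account role after deployment are the five IAM policy documents below, shown as a single JSON array. Most statements apply to `"Resource": "*"`, including the write actions `securityhub:UpdateStandardsControl`, `wellarchitected:DeleteWorkload`, `sns:Subscribe` and `cloudtrail:UpdateTrail`. Only the `ssm:GetParameter`/`ssm:PutParameter`, `iam:PassRole` and `iam:ListRolePolicies`/`iam:GetRolePolicy` statements name specific resources, with the account (and, for SSM, the region) left as a wildcard.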

[ { "Version": "2012-10-17", "Statement": [ { "Action": [ "securityhub:UpdateStandardsControl", "securityhub:DescribeStandardsControls", "securityhub:GetEnabledStandards", "securityhub:GetFindings", "securityhub:ListMembers", "securityhub:ListStandardsControlAssociations", "securityhub:BatchUpdateStandardsControlAssociations" ], "Resource": "*", "Effect": "Allow" } ] }, { "Version": "2012-10-17", "Statement": [ { "Action": [ "wellarchitected:CreateWorkload", "wellarchitected:UpdateAnswer", "wellarchitected:CreateMilestone", "wellarchitected:DeleteWorkload", "wellarchitected:List*", "wellarchitected:Get*" ], "Resource": "*", "Effect": "Allow" } ] }, { "Version": "2012-10-17", "Statement": [ { "Action": "support:DescribeSeverityLevels", "Resource": "*", "Effect": "Allow" } ] }, { "Version": "2012-10-17", "Statement": [ { "Action": [ "cloudtrail:DescribeTrails", "sns:ListTopics", "sns:GetTopicAttributes" ], "Resource": "*", "Effect": "Allow" }, { "Action": "sns:Subscribe", "Resource": "*", "Effect": "Allow" }, { "Action": [ "ssm:GetParameter", "ssm:PutParameter" ], "Resource": [ "arn:aws:ssm:*:*:parameter/Solutions/SO0111/Metrics_LogGroupName", "arn:aws:ssm:*:*:parameter/Solutions/SO0111/SNS_Topic_CIS3.x" ], "Effect": "Allow" }, { "Action": "cloudtrail:UpdateTrail", "Resource": "*", "Effect": "Allow" }, { "Action": "iam:PassRole", "Resource": "arn:aws:iam::*:role/SO0111-CloudTrailToCloudWatchLogs", "Effect": "Allow" } ] }, { "Version": "2012-10-17", "Statement": [ { "Action": [ "iam:ListRolePolicies", "iam:GetRolePolicy" ], "Resource": [ "arn:aws:iam::*:role/SixPillarsEnableGuardDutyRole", "arn:aws:iam::*:role/SixPillarsEnableMacieRole", "arn:aws:iam::*:role/SixPillarsEnableInspectorRole" ], "Effect": "Allow" } ] } ]
