Skip to content

Commit

Permalink
one resource in apigateway
Browse files Browse the repository at this point in the history
  • Loading branch information
@jjzhangjjzhang
jjzhangjjzhang committed Dec 13, 2023
1 parent 6ea021d commit a4f583b
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,7 @@ The audit policy is comprised of the following permissions:
| | sso:DescribeInstanceAccessControlAttributeConfiguration | |
| | sso:GetInlinePolicyForPermissionSet | |
| GLACIER | glacier:ListTagsForVault | * |
| APIGATEWAY | apigateway:GET | * |
| APIGATEWAY | apigateway:GET | arn:aws:apigateway:*::/apikeys/* |
| WAFREGIONAL | waf-regional:ListRules | * |
| | waf-regional:GetRule | |
| | waf-regional:ListRuleGroups | |
Expand Down
4 changes: 2 additions & 2 deletions main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,15 +94,15 @@ data "aws_iam_policy_document" "lacework_audit_policy" {
statement {
sid = "APIGATEWAY"
actions = ["apigateway:GET"]
resources = ["*"]
resources = ["arn:aws:apigateway:*::/apikeys/*"]
}

statement {
sid = "GLACIER"
actions = ["glacier:ListTagsForVault"]
resources = ["*"]
}

statement {
sid = "WAFREGIONAL"
actions = ["waf-regional:ListRules",
Expand Down

0 comments on commit a4f583b

Please sign in to comment.