|
350 | 350 | { |
351 | 351 | "Effect" : "Allow", |
352 | 352 | "Action" : [ |
353 | | - "elasticloadbalancing:RegisterInstancesWithLoadBalancer" |
| 353 | + "elasticloadbalancing:RegisterInstancesWithLoadBalancer", |
| 354 | + "elasticloadbalancing:CreateLoadBalancerListeners", |
| 355 | + "elasticloadbalancing:CreateLoadBalancerPolicy", |
| 356 | + "elasticloadbalancing:SetLoadBalancerPoliciesOfListener" |
354 | 357 | ], |
355 | | - "Resource" : { |
356 | | - "Fn::Join" : [ |
357 | | - "", |
358 | | - [ |
359 | | - "arn:aws:elasticloadbalancing:", |
360 | | - { "Ref" : "AWS::Region"}, |
361 | | - ":", |
362 | | - { "Ref" : "AWS::AccountId" }, |
363 | | - ":loadbalancer/", |
364 | | - { "Ref" : "DSIELB" } |
365 | | - ] |
366 | | - ] |
367 | | - } |
| 358 | + "Resource" : { |
| 359 | + "Fn::Join" : [ |
| 360 | + "", |
| 361 | + [ |
| 362 | + "arn:aws:elasticloadbalancing:", |
| 363 | + { |
| 364 | + "Ref" : "AWS::Region" |
| 365 | + }, |
| 366 | + ":", |
| 367 | + { |
| 368 | + "Ref" : "AWS::AccountId" |
| 369 | + }, |
| 370 | + ":loadbalancer/", |
| 371 | + { |
| 372 | + "Ref" : "DSIELB" |
| 373 | + } |
| 374 | + ] |
| 375 | + ] |
| 376 | + } |
368 | 377 | }, |
369 | 378 | { |
370 | 379 | "Effect" : "Allow", |
371 | 380 | "Action" : [ |
372 | | - "elasticloadbalancing:RegisterInstancesWithLoadBalancer" |
| 381 | + "elasticloadbalancing:RegisterInstancesWithLoadBalancer", |
| 382 | + "elasticloadbalancing:CreateLoadBalancerListeners", |
| 383 | + "elasticloadbalancing:CreateLoadBalancerPolicy", |
| 384 | + "elasticloadbalancing:SetLoadBalancerPoliciesOfListener" |
373 | 385 | ], |
374 | | - "Resource" : { |
375 | | - "Fn::Join" : [ |
376 | | - "", |
377 | | - [ |
378 | | - "arn:aws:elasticloadbalancing:", |
379 | | - { "Ref" : "AWS::Region"}, |
380 | | - ":", |
381 | | - { "Ref" : "AWS::AccountId" }, |
382 | | - ":loadbalancer/", |
383 | | - { "Ref" : "PrivateDSIELB" } |
384 | | - ] |
385 | | - ] |
386 | | - } |
387 | | - } |
| 386 | + "Resource" : { |
| 387 | + "Fn::Join" : [ |
| 388 | + "", |
| 389 | + [ |
| 390 | + "arn:aws:elasticloadbalancing:", |
| 391 | + { |
| 392 | + "Ref" : "AWS::Region" |
| 393 | + }, |
| 394 | + ":", |
| 395 | + { |
| 396 | + "Ref" : "AWS::AccountId" |
| 397 | + }, |
| 398 | + ":loadbalancer/", |
| 399 | + { |
| 400 | + "Ref" : "PrivateDSIELB" |
| 401 | + } |
| 402 | + ] |
| 403 | + ] |
| 404 | + } |
| 405 | + }, |
| 406 | + { |
| 407 | + "Effect" : "Allow", |
| 408 | + "Action" : [ |
| 409 | + "iam:UploadServerCertificate", |
| 410 | + "iam:GetServerCertificate" |
| 411 | + ], |
| 412 | + "Resource" : { |
| 413 | + "Fn::Join" : [ |
| 414 | + "", |
| 415 | + [ |
| 416 | + "arn:aws:iam::", |
| 417 | + { |
| 418 | + "Ref" : "AWS::AccountId" |
| 419 | + }, |
| 420 | + ":server-certificate/DeepSecurityElbCertificate-", |
| 421 | + { |
| 422 | + "Ref" : "AWS::StackName" |
| 423 | + } |
| 424 | + ] |
| 425 | + ] |
| 426 | + } |
| 427 | + }, |
| 428 | + { |
| 429 | + "Effect" : "Allow", |
| 430 | + "Action" : [ |
| 431 | + "elasticloadbalancing:DescribeLoadBalancers" |
| 432 | + ], |
| 433 | + "Resource" : "*" |
| 434 | + } |
388 | 435 | ] |
389 | 436 | } |
390 | 437 | }, |
|
0 commit comments