terraform-aws-eks-jx
terraform-aws-eks-jx copied to clipboard
Improve S3 IAM access
Summary
I am noticing that we are using iam::aws:policy/AmazonS3FullAccess
for the build-ctlr. These permission see a bit broad.
Steps to reproduce the behavior
Install
Expected behavior
We only allow the build-ctr iam role to have full access to the buckets that we create.
Actual behavior
We are giving it iam::aws:policy/AmazonS3FullAccess