
Commit e076f24

author
MAMIP Bot
committed
AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity - Policy Version v2
1 parent 70c0b8c commit e076f24


1 file changed

+15
-3
lines changed


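--- a/policies/AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity
+++ b/policies/AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity
@@ -1,7 +1,7 @@
 {
 "PolicyVersion": {
-"CreateDate": "2024-01-19T20:08:36Z",
-"VersionId": "v1",
+"CreateDate": "2025-11-13T22:34:08Z",
+"VersionId": "v2",
 "Document": {
 "Version": "2012-10-17",
 "Statement": [
@@ -43,7 +43,6 @@
 },
 {
 "Action": [
-"secretsmanager:DescribeSecret",
 "secretsmanager:UpdateSecret",
 "secretsmanager:GetSecretValue",
 "secretsmanager:PutSecretValue",
@@ -61,6 +60,19 @@
 },
 "Sid": "RotateTLSCertificateSecret"
 },
+{
+"Action": [
+"secretsmanager:DescribeSecret"
+],
+"Resource": "arn:aws:secretsmanager:*:*:secret:ecs-sc!*",
+"Effect": "Allow",
+"Condition": {
+"StringEquals": {
+"aws:ResourceAccount": "${aws:PrincipalAccount}"
+}
+},
+"Sid": "DescribeTLSCertificateSecret"
+},
 {
 "Action": [
 "acm-pca:GetCertificate",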
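Review bot: In the third hunk, `secretsmanager:DescribeSecret` leaves `RotateTLSCertificateSecret` and reappears in `DescribeTLSCertificateSecret` guarded only by `"aws:ResourceAccount": "${aws:PrincipalAccount}"`, and nothing in the commit record says why. The `Resource` and `Condition` of the rotation statement lie between the second and third hunks and are not shown, so if that statement carries a narrower condition (a tag or owning-service check, for instance), v2 presumably lets the role describe any same-account secret named `ecs-sc!*` whether or not it meets that condition. DescribeSecret returns secret metadata rather than the secret value, so the widening, if any, is limited to metadata. Anyone who mirrors this managed policy into a customer-managed policy or permission boundary should diff the full v1 and v2 documents and keep the account condition on the new statement.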
