projects
/
awsible
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
add a basic cw alarm
[awsible]
/
infrastructure
/
modules
/
management-stack
/
iam.tf
diff --git
a/infrastructure/modules/management-stack/iam.tf
b/infrastructure/modules/management-stack/iam.tf
index 3f8513448eacfd1bd8e796f55d796b7023dfc803..78783a152464e82df065d7d4381e0daa8a4997ed 100644
(file)
--- a/
infrastructure/modules/management-stack/iam.tf
+++ b/
infrastructure/modules/management-stack/iam.tf
@@
-23,10
+23,15
@@
data "aws_iam_policy_document" "management" {
sid = "AWSControl"
actions = [
"autoscaling:*",
sid = "AWSControl"
actions = [
"autoscaling:*",
+ "cloudwatch:ListMetrics",
+ "cloudwatch:GetMetricStatistics",
+ "cloudwatch:Describe*",
"ec2:*",
"elasticloadbalancing:*",
"iam:PassRole",
"ec2:*",
"elasticloadbalancing:*",
"iam:PassRole",
- "iam:GetServerCertificate"
+ "iam:GetServerCertificate",
+ "logs:DescribeLogStreams",
+ "logs:PutLogEvents",
]
resources = [
"*"
]
resources = [
"*"