Skip to content

Commit

Permalink
Adding additional orgs permissions (#13)
Browse files Browse the repository at this point in the history 
Co-authored-by: Miki Padhiary <[email protected]>
  • Loading branch information
@mikip91
mikip91 and Miki Padhiary committed Sep 7, 2023
1 parent acce8ce commit cf4caba
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 1 deletion.
8 changes: 7 additions & 1 deletion aws-controltower-enabledcontrol/aws-controltower-enabledcontrol.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,13 @@
"controltower:ListEnabledControls",
"controltower:GetControlOperation",
"controltower:EnableControl",
"organizations:UpdatePolicy"
"organizations:UpdatePolicy",
"organizations:CreatePolicy",
"organizations:AttachPolicy",
"organizations:DetachPolicy",
"organizations:ListPoliciesForTarget",
"organizations:ListTargetsForPolicy",
"organizations:DescribePolicy"
]
},
"delete": {
Expand Down
6 changes: 6 additions & 0 deletions aws-controltower-enabledcontrol/resource-role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,12 @@ Resources:
- "controltower:GetControlOperation"
- "controltower:ListEnabledControls"
- "organizations:UpdatePolicy"
- "organizations:CreatePolicy"
- "organizations:AttachPolicy"
- "organizations:DetachPolicy"
- "organizations:ListPoliciesForTarget"
- "organizations:ListTargetsForPolicy"
- "organizations:DescribePolicy"
Resource: "*"
Outputs:
ExecutionRoleArn:
Expand Down

0 comments on commit cf4caba

Please sign in to comment.