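Creates a CodeBuild report group and attaches a resource policy to it. The policy allows a fixed set of report-reading actions for the root principal (the `:root` ARN) of the current AWS account. In a resource policy, this principal stands for the account as a whole rather than only the root user's login.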

Terraform Template

# Identity of the credentials Terraform runs with; its account_id is used to
# build the principal ARN in the resource policy below.
data "aws_caller_identity" "current" {}

# Partition of the current provider configuration, so the principal ARN is not
# hard-coded to a single partition.
data "aws_partition" "current" {}

# Report group that collects test reports. Its ARN is both the target of the
# resource policy and the Resource named inside that policy.
resource "aws_codebuild_report_group" "example" {
  name = "example"
  type = "TEST"

  # NO_EXPORT: raw report data is not exported to an S3 bucket, so there is no
  # export bucket or encryption key to configure or protect here.
  export_config {
    type = "NO_EXPORT"
  }
}

# Resource-based policy attached to the report group above.
resource "aws_codebuild_resource_policy" "example" {
  resource_arn = aws_codebuild_report_group.example.arn

  policy = jsonencode({
    Version = "2012-10-17"
    Id      = "default"
    Statement = [
      {
        Sid    = "default"
        Effect = "Allow"

        # The ":root" ARN names the whole account as the principal, not only
        # the root user. Which identities in that account can actually use
        # this grant is still decided by their own IAM policies. Here the
        # account is the caller's own account; review this value carefully if
        # it is ever changed to another account ID, since that shares the
        # report group across accounts.
        Principal = {
          AWS = "arn:${data.aws_partition.current.partition}:iam::${data.aws_caller_identity.current.account_id}:root"
        }

        # Only Get/List/Describe-style report actions are granted; nothing in
        # this statement allows creating, updating or deleting reports.
        Action = [
          "codebuild:BatchGetReportGroups",
          "codebuild:BatchGetReports",
          "codebuild:ListReportsForReportGroup",
          "codebuild:DescribeTestCases",
        ]

        # Scoped to this one report group rather than a wildcard.
        Resource = aws_codebuild_report_group.example.arn
      },
    ]
  })
}