Skip to content

Commit

Permalink
Added permission to codebuild-role in the deployment account to read …
Browse files Browse the repository at this point in the history 
…AWS Organizations
  • Loading branch information
@sbkok
Stefano Montanelli authored and sbkok committed Aug 9, 2024
1 parent 2d55d2c commit 1a495bd
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/global.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -320,6 +320,7 @@ Resources:
- "sts:AssumeRole"
Resource:
- !Sub arn:${AWS::Partition}:iam::*:role/adf-readonly-automation-role
- !Sub arn:${AWS::Partition}:iam::*:role/adf/organizations/adf-organizations-readonly
Condition:
StringEquals:
aws:PrincipalOrgID: !Ref OrganizationId
Expand Down

0 comments on commit 1a495bd

Please sign in to comment.