diff --git a/deployments/pipeline-infrastructure.yml b/deployments/pipeline-infrastructure.yml index 401cc59..ba340f4 100644 --- a/deployments/pipeline-infrastructure.yml +++ b/deployments/pipeline-infrastructure.yml @@ -37,15 +37,14 @@ Resources: Statement: # Allow codepipeline to put artifacts in the S3 bucket # as well as get artifacts back out of it. - - Resource: "*" - # - !Sub arn:aws:s3:::${ArtifactBucket}/* + - Resource: + - !Sub arn:aws:s3:::${ArtifactBucket}/* Effect: Allow Action: - s3:PutObject - s3:GetObject - s3:GetObjectVersion - s3:GetBucketVersioning - - s3:* # Allow codepipeline to build code builds - Resource: "*" Effect: Allow diff --git a/deployments/pipeline-new.yml b/deployments/pipeline-new.yml index 9227c5f..a3541ff 100644 --- a/deployments/pipeline-new.yml +++ b/deployments/pipeline-new.yml @@ -351,8 +351,8 @@ Resources: Statement: # Allow codepipeline to put artifacts in the S3 bucket # as well as get artifacts back out of it. - - Resource: - - !Sub arn:aws:s3:::${ArtifactBucket}/* + - Resource: "*" + # - !Sub arn:aws:s3:::${ArtifactBucket}/* Effect: Allow Action: - s3:PutObject diff --git a/deployments/pipeline-service.yml b/deployments/pipeline-service.yml index 58588f9..07f834d 100644 --- a/deployments/pipeline-service.yml +++ b/deployments/pipeline-service.yml @@ -116,7 +116,7 @@ Resources: requestParameters: bucketName: [!Ref ArtifactBucket] key: - - !Sub imagedefinitions/${ServiceName}.json + - !Sub imagedefinitions/${ServiceName}.zip detail-type: [AWS API Call via CloudTrail] source: [aws.s3] Targets: @@ -175,7 +175,7 @@ Resources: Provider: S3 Configuration: S3Bucket: !Ref ArtifactBucket - S3ObjectKey: !Sub imagedefinitions/${ServiceName}.json + S3ObjectKey: !Sub imagedefinitions/${ServiceName}.zip PollForSourceChanges: false OutputArtifacts: - Name: Image