Closed maslick closed 2 years ago
Fixing #24
Description of changes: Remove pre-check on ec2:TerminateInstances since this permission is already included in awsutility-cloudformation-commandrun-ExecutionRole - see awsutility-cloudformation-commandrunner.json:
awsutility-cloudformation-commandrunner.json
{ "Version": "2012-10-17", "Statement": [ { "Action": [ "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStacks", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateSecurityGroup", "ec2:CreateTags", "ec2:DeleteSecurityGroup", "ec2:DescribeInstances", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RunInstances", "ec2:TerminateInstances", "iam:PassRole", "iam:SimulatePrincipalPolicy", "kms:Decrypt", "kms:Encrypt", "logs:CreateLogStream", "logs:DescribeLogGroups", "logs:PutMetricData", "ssm:DeleteParameter", "ssm:GetParameter", "ssm:PutParameter", "sts:GetCallerIdentity" ], "Resource": "*", "Effect": "Allow" } ] }
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Added property DisableTerminateInstancesCheck in v2.0.
Fixing #24
Description of changes: Remove pre-check on ec2:TerminateInstances since this permission is already included in awsutility-cloudformation-commandrun-ExecutionRole - see
awsutility-cloudformation-commandrunner.json
:By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.