mirror of
https://github.com/prowler-cloud/prowler.git
synced 2026-02-09 02:30:43 +00:00
9b772a70a1
* Fix AccessDenied issue when get document Add check to validate access denied when get document from SSM. Add missing action permission to allow ssm:GetDocument. * Double quote variables to prevent globbing and word splitting
27 lines
821 B
JSON
27 lines
821 B
JSON
{
|
|
"Version": "2012-10-17",
|
|
"Statement": [
|
|
{
|
|
"Action": [
|
|
"ds:ListAuthorizedApplications",
|
|
"ec2:GetEbsEncryptionByDefault",
|
|
"ecr:Describe*",
|
|
"elasticfilesystem:DescribeBackupPolicy",
|
|
"glue:GetConnections",
|
|
"glue:GetSecurityConfiguration",
|
|
"glue:SearchTables",
|
|
"lambda:GetFunction",
|
|
"s3:GetAccountPublicAccessBlock",
|
|
"shield:DescribeProtection",
|
|
"shield:GetSubscriptionState",
|
|
"ssm:GetDocument",
|
|
"support:Describe*",
|
|
"tag:GetTagKeys"
|
|
],
|
|
"Resource": "*",
|
|
"Effect": "Allow",
|
|
"Sid": "AllowMoreReadForProwler"
|
|
}
|
|
]
|
|
}
|