Skip to content

Commit

Permalink
Update alb controller iam policy
Browse files Browse the repository at this point in the history
  • Loading branch information
@harryttd
harryttd committed Nov 22, 2023
1 parent 627286a commit 20711ec
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions aws/components/AlbIngressController.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -325,6 +325,26 @@ export default class AlbIngressController extends pulumi.ComponentResource {
},
},
},
{
Effect: "Allow",
Action: ["elasticloadbalancing:AddTags"],
Resource: [
"arn:aws:elasticloadbalancing:*:*:targetgroup/*/*",
"arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*",
"arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*",
],
Condition: {
StringEquals: {
"elasticloadbalancing:CreateAction": [
"CreateTargetGroup",
"CreateLoadBalancer",
],
},
Null: {
"aws:RequestTag/elbv2.k8s.aws/cluster": "false",
},
},
},
{
Effect: "Allow",
Action: [
Expand Down

0 comments on commit 20711ec

Please sign in to comment.