|
"Sid": "AllowRequestsToAWSOwnedResources", |
|
"Effect": "Allow", |
|
"Principal": "*", |
|
"Action": [ |
|
"s3:GetObject", |
|
"s3:ListBucket" |
|
], |
|
"Resource": [ |
|
"arn:aws:s3:::packages.<region>.amazonaws.com/*", |
|
"arn:aws:s3:::repo.<region>.amazonaws.com/*", |
|
"arn:aws:s3:::amazonlinux.<region>.amazonaws.com/*", |
|
"arn:aws:s3:::amazonlinux-2-repos-<region>/*", |
|
"arn:aws:s3:::al2023-repos-<region>-de612dc2/*", |
|
"arn:aws:s3:::al2023-<region>/*", |
|
"arn:aws:s3:::repo.<region>.emr.amazonaws.com/*", |
|
"arn:aws:s3:::prod.<region>.appinfo.src/*", |
|
"arn:aws:s3:::aws-ssm-<region>/*", |
|
"arn:aws:s3:::aws-windows-downloads-<region>/*", |
|
"arn:aws:s3:::amazon-ssm-<region>/*", |
|
"arn:aws:s3:::amazon-ssm-packages-<region>/*", |
|
"arn:aws:s3:::<region>-birdwatcher-prod/*", |
|
"arn:aws:s3:::aws-ssm-distributor-file-<region>/*", |
|
"arn:aws:s3:::aws-ssm-document-attachments-<region>/*", |
|
"arn:aws:s3:::patch-baseline-snapshot-<region>/*", |
|
"arn:aws:s3:::aws-patchmanager-macos-<region>/*", |
|
"arn:aws:s3:::amazoncloudwatch-agent-<region>/*", |
|
"arn:aws:s3:::amazoncloudwatch-agent/*", |
|
"arn:aws:s3:::aws-codedeploy-<region>/*", |
|
"arn:aws:s3:::ec2imagebuilder-toe-<region>-prod/*", |
|
"arn:aws:s3:::ec2imagebuilder-managed-resources-<region>-prod/components/*", |
|
"arn:aws:s3:::prod-<region>-starport-layer-bucket/*", |
|
"arn:aws:s3:::aws-mgn-clients-<region>/*", |
|
"arn:aws:s3:::aws-mgn-clients-hashes-<region>/*", |
|
"arn:aws:s3:::aws-mgn-internal-<region>/*", |
|
"arn:aws:s3:::aws-mgn-internal-hashes-<region>/*", |
|
"arn:aws:s3:::aws-application-migration-service-<region>/*", |
|
"arn:aws:s3:::aws-application-migration-service-hashes-<region>/*", |
|
"arn:aws:s3:::aws-drs-clients-<region>/*", |
|
"arn:aws:s3:::aws-drs-clients-hashes-<region>/*", |
|
"arn:aws:s3:::aws-drs-internal-<region>/*", |
|
"arn:aws:s3:::aws-drs-internal-hashes-<region>/*", |
|
"arn:aws:s3:::aws-elastic-disaster-recovery-<region>/*", |
|
"arn:aws:s3:::aws-elastic-disaster-recovery-hashes-<region>/*", |
|
"arn:aws:s3:::cloudformation-waitcondition-<region>/*", |
|
"arn:aws:s3:::cloudformation-custom-resource-response-<RegionWithoutDashes>/*", |
|
"arn:aws:s3:::aws-ec2-enclave-certificate-<region>-prod/*", |
|
"arn:aws:s3:::assets-<CodeArtifact-Region-Account>-<region>/*", |
|
"arn:aws:s3:::elasticbeanstalk-samples-<region>/*", |
|
"arn:aws:s3:::elasticbeanstalk-platform-assets-<region>/*", |
|
"arn:aws:s3:::elasticbeanstalk-env-resources-<region>/*", |
|
"arn:aws:s3:::elasticbeanstalk-<region>/*", |
|
"arn:aws:s3:::jumpstart-cache-prod-<region>/*", |
|
"arn:aws:s3:::jumpstart-cache-prod-<region>", |
|
"arn:aws:s3:::static-<region>-prod-static-<string>/content/dependencies/*", |
|
"arn:aws:s3:::aws-neptune-notebook", |
|
"arn:aws:s3:::aws-neptune-notebook/*", |
|
"arn:aws:s3:::aws-neptune-notebook-<region>", |
|
"arn:aws:s3:::aws-neptune-notebook-<region>/*" |
|
] |
|
}, |
https://docs.aws.amazon.com/cli/v1/userguide/install-linux.html contains instructions to download the AWS CLI from https://s3.amazonaws.com/aws-cli/awscli-bundle.zip
This is not present in
data-perimeter-policy-examples/vpc_endpoint_policies/s3_endpoint_policy.json
Lines 43 to 102 in f8f53c5