From f8c771828abfd3f0bbdfa61c7d2d8dc59814f668 Mon Sep 17 00:00:00 2001 From: Mojo Talantikite Date: Mon, 24 Jul 2023 17:14:59 -0400 Subject: [PATCH] fix role resource with join --- services/postgres/serverless.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/services/postgres/serverless.yml b/services/postgres/serverless.yml index f0b7b28593..f71c109354 100644 --- a/services/postgres/serverless.yml +++ b/services/postgres/serverless.yml @@ -224,8 +224,10 @@ resources: Statement: - Effect: 'Allow' Action: - - 's3:GetObject' - Resource: !GetAtt PostgresVMScriptsBucket.Arn/* + - 's3:*' + Resource: + - !GetAtt PostgresVMScriptsBucket.Arn + - !Join ['', [!GetAtt PostgresVMScriptsBucket.Arn, '/*']] PgVMIAMInstanceProfile: Type: AWS::IAM::InstanceProfile