Example RBAC roles
Allow all
{
"version": "2017-05-05",
"statement": [
{
"effect": "allow",
"action": "*",
"resource": "*"
}
]
}Allow UI login
{
"version": "2017-05-05",
"statement": [
{
"effect": "allow",
"action": "view:user.login",
"resource": "*"
}
]
}Deny credentials
{
"version": "2017-05-05",
"statement": [
{
"effect": "allow",
"action": "*",
"resource": "*"
},
{
"effect": "deny",
"action": "*:credentials",
"resource": ["AKIAJ7Z8PGXEZTIJOL6IQ"]
}
]
}Deny list stacks
{
"version": "2017-05-05",
"statement": [
{
"effect": "allow",
"action": "*",
"resource": "*"
},
{
"effect": "deny",
"action": "view:alm.stack",
"resource": "*"
}
]
}Deny list stacks by resource
{
"version": "2017-05-05",
"statement": [
{
"effect": "allow",
"action": "*",
"resource": "*"
},
{
"effect": "deny",
"action": "view:alm.stack",
"resource": ["mo-590fdb7bad55s-tJZpgRCBs-tk", "mo-590fdb7bad55s-ugMgQQ1TE-tk"]
}
]
}Deny deleting stacks by resource
{
"version": "2017-05-05",
"statement": [
{
"effect": "allow",
"action": "*",
"resource": "*"
},
{
"effect": "deny",
"action": "delete:alm.stack",
"resource": ["mo-590fdb7bad55s-tJZpgRCBs-tk"]
}
]
}Last updated