You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This pull request includes updates to the docs/private-ddn/creating-a-data-plane/byoc.mdx file to expand the list of required AWS permissions for creating a data plane. The most important changes involve adding new EC2 permissions to the Resources section.
AWS permissions updates:
Added ec2:DescribeVpcEndpointServices and ec2:DescribeVpcEndpoints to the list of permissions.
Added ec2:CreateSecurityGroup, ec2:AuthorizeSecurityGroupIngress, and ec2:CreateVpcEndpoint to the list of permissions.
The author added necessary permissions to the IAM policy for AWS setup. These additions are consistent with AWS' standard naming conventions for IAM actions and reflect operations that may be required for working with VPC endpoints and security groups. There is also a logical grouping with similar types of permissions, which maintains readability.
✅ Integrated
The integration of the new permissions into the CloudFormation policy appears seamless. Each of the new permissions aligns with the established pattern of specifying all resources ('*') and limiting actions based on 'Created-By' tags. This ensures that the enhancements made by these permissions will be functional within the context of the Hasura DDN setup while respecting the existing security structure.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
robertjdominguez
deleted the
arvi/plat-630-update-byoc-cloudformation-stack-for-the-new-permissions
branch
Description 📝
This pull request includes updates to the
docs/private-ddn/creating-a-data-plane/byoc.mdxfile to expand the list of required AWS permissions for creating a data plane. The most important changes involve adding new EC2 permissions to theResourcessection.AWS permissions updates:
ec2:DescribeVpcEndpointServicesandec2:DescribeVpcEndpointsto the list of permissions.ec2:CreateSecurityGroup,ec2:AuthorizeSecurityGroupIngress, andec2:CreateVpcEndpointto the list of permissions.Quick Links 🚀
Assertion Tests 🤖