policy
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Statement1",
"Effect": "Allow",
"Action": [
"kms:Decrypt",
"kms:GenerateDataKey"
],
"Resource": [
"arn:aws:kms:ap-northeast-2:339712924586:key/a22ba617-822c-4d80-bb41-8719d43fbfa1",
"arn:aws:kms:ap-northeast-2:339712924586:key/f553ba3c-7fa1-4805-802e-fabe06205d5c"
]
},
{
"Sid": "CloudWatchLogsWrite",
"Effect": "Allow",
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:ap-northeast-2:*:log-group:*:log-stream:*"
},
{
"Sid": "CloudWatchLogsCreateGroup",
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup"
],
"Resource": "arn:aws:logs:ap-northeast-2:*:log-group:*"
},
{
"Sid": "S3",
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::wsc-iost-1234-bucket",
"arn:aws:s3:::wsc-iost-1234-bucket/*"
]
},
{
"Sid": "ReadOnlyWorldpayDbSecret",
"Effect": "Allow",
"Action": [
"secretsmanager:GetSecretValue",
"secretsmanager:DescribeSecret"
],
"Resource": [
"arn:aws:secretsmanager:ap-northeast-2:339712924586:secret:/secret/db-s2pPEH"
]
}
]
}