Details
-
Improvement
-
Status: Open (View Workflow)
-
Critical
-
Resolution: Unresolved
-
-
Evergreen - Milestone 1, Evergreen - Milestone 2
Description
To move forward in JENKINS-49853, I gave access to all S3 buckets with the following policy:
{
"PolicyName": "S3ArtifactManagerPolicy",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "TodoRefineSecurityALot",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:ListBucket",
"s3:DeleteObject"
],
"Resource": "*"
}
]
}
}
We should restrict Resource to the dedicated bucket that was just created with CloudFormation.
(I tried to do that initially, but then went to the easier path to paint the big picture, and address this as a followup)
Attachments
Activity
| Field | Original Value | New Value |
|---|---|---|
| Epic Link |
|
| Assignee | R. Tyler Croy [ rtyler ] |
| Assignee | Baptiste Mathus [ batmat ] |
| Rank | Ranked higher |
| Rank | Ranked lower |
| Sprint | Evergreen - Milestone 1 [ 511 ] | Evergreen - Milestone 1, Evergreen - Milestone 2 [ 511, 516 ] |
| Labels | essentials | essentials evergreen |
| Labels | essentials evergreen | evergreen |
| Assignee | Baptiste Mathus [ batmat ] |