☰

Add aws.md

David Stark committed 2022-11-15 17:13:18 +0000 commit dad47d5e1211d2a07b9a5da5fc460bf5df509e31

				compute/aws.md
			
          @@ -0,0 +1,40 @@

          +# AWS Stuff

          +

          +### Minimal ECR Pull user

          +

          +```json

          +{

          +  "Resources": {

          +  "MyECRRepositoryPullUser": {

          +      "Type": "AWS::IAM::User",

          +      "Properties": {

          +        "Policies": [

          +          {

          +            "PolicyName": "MyECRRepositoryPullUserPolicy",

          +            "PolicyDocument": {

          +              "Version": "2012-10-17",

          +              "Statement": [

          +                {

          +                  "Effect": "Allow",

          +                  "Action": [

          +                    "ecr:GetDownloadUrlForLayer",

          +                    "ecr:BatchGetImage",

          +                    "ecr:BatchCheckLayerAvailability"

          +                  ],

          +                  "Resource": "arn:aws:ecr:eu-west-1:NNNNNNNN:repository/my-repository/*"

          +                },

          +                {

          +                  "Effect": "Allow",

          +                  "Action": "ecr:GetAuthorizationToken",

          +                  "Resource": "*"

          +                }

          +              ]

          +            }

          +          }

          +        ],

          +        "UserName": "MyECRRepositoryPullUser"

          +      }

          +    }

          +  }

          +}

          +```

...	...	@@ -0,0 +1,40 @@
	1	+# AWS Stuff
	2	+
	3	+### Minimal ECR Pull user
	4	+
	5	+```json
	6	+{
	7	+ "Resources": {
	8	+ "MyECRRepositoryPullUser": {
	9	+ "Type": "AWS::IAM::User",
	10	+ "Properties": {
	11	+ "Policies": [
	12	+ {
	13	+ "PolicyName": "MyECRRepositoryPullUserPolicy",
	14	+ "PolicyDocument": {
	15	+ "Version": "2012-10-17",
	16	+ "Statement": [
	17	+ {
	18	+ "Effect": "Allow",
	19	+ "Action": [
	20	+ "ecr:GetDownloadUrlForLayer",
	21	+ "ecr:BatchGetImage",
	22	+ "ecr:BatchCheckLayerAvailability"
	23	+ ],
	24	+ "Resource": "arn:aws:ecr:eu-west-1:NNNNNNNN:repository/my-repository/*"
	25	+ },
	26	+ {
	27	+ "Effect": "Allow",
	28	+ "Action": "ecr:GetAuthorizationToken",
	29	+ "Resource": "*"
	30	+ }
	31	+ ]
	32	+ }
	33	+ }
	34	+ ],
	35	+ "UserName": "MyECRRepositoryPullUser"
	36	+ }
	37	+ }
	38	+ }
	39	+}
	40	+```