diff --git a/packages/aws-cloudformation/CHANGELOG.md b/packages/aws-cloudformation/CHANGELOG.md
index f2e49aa..e7028de 100644
--- a/packages/aws-cloudformation/CHANGELOG.md
+++ b/packages/aws-cloudformation/CHANGELOG.md
@@ -10,6 +10,10 @@ What is in scope for breaking changes includes (but isn't necessarily limited to
 ## Changes
+### v0.1.1
+
+- Fix bug that wouldn't let the delete policy work without also having the create policy
+
 ### v0.1.0
 - Created a Cloudformation template to deploy the honeypot as a single task running in an ECS service
diff --git a/packages/aws-cloudformation/templates/honeypot-stack-policies.yaml b/packages/aws-cloudformation/templates/honeypot-stack-policies.yaml
index cc03036..5eee879 100644
--- a/packages/aws-cloudformation/templates/honeypot-stack-policies.yaml
+++ b/packages/aws-cloudformation/templates/honeypot-stack-policies.yaml
@@ -65,9 +65,11 @@ Resources:
 - Sid: ecs
 Effect: Allow
 Action:
+ - ecs:DescribeClusters
 - ecs:DeleteCluster
+ - ecs:DescribeServices
 - ecs:DeleteService
- - ecs:DeregisterTaskDefinition
+ # - ecs:DeregisterTaskDefinition # See reason below
 Resource: "*"
 Condition:
 StringEquals:
diff --git a/packages/aws-cloudformation/version.json b/packages/aws-cloudformation/version.json
index dfba51c..008971a 100644
--- a/packages/aws-cloudformation/version.json
+++ b/packages/aws-cloudformation/version.json
@@ -1,3 +1,3 @@
 {
- "version": "0.1.0"
+ "version": "0.1.1"
 }
\ No newline at end of file
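Review bot: In honeypot-stack-policies.yaml the added `ecs:DescribeClusters` and `ecs:DescribeServices` sit under `Resource: "*"`, so they are limited only by the `StringEquals` condition, whose keys lie outside this hunk. It is worth confirming that both actions populate that condition key, because an Allow whose key is absent from the request never matches and stack deletion would keep failing. The commented-out `# - ecs:DeregisterTaskDefinition # See reason below` leaves a dead permission in the action list and points to an explanation that is not beside it. I would replace it with a plain comment on that line, such as `# ecs:DeregisterTaskDefinition is deliberately not granted in this statement: <reason>`. The statement begins and ends outside the hunk, so the condition and the referenced reason could not be checked here.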