Skip to content

Commit 8dc1c18

Browse files
kaizencckaizencc
authored
revert: "fix(s3): grantRead does not allow s3:HeadObject (#27416)" (#27556)
This reverts commit beac675. Comments on #27416 demonstrate that the PR was created due to misunderstanding of an error message. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
1 parent 1b54353 commit 8dc1c18

File tree

124 files changed

+14
-299
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

124 files changed

+14
-299
lines changed

packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.asset-build-spec.js.snapshot/CodeBuildAssetBuildSpecStack.template.json

-1
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,6 @@
2626
"Action": [
2727
"s3:GetBucket*",
2828
"s3:GetObject*",
29-
"s3:HeadObject",
3029
"s3:List*"
3130
],
3231
"Effect": "Allow",

packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.caching.js.snapshot/aws-cdk-codebuild.template.json

-1
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,6 @@
3333
"s3:DeleteObject*",
3434
"s3:GetBucket*",
3535
"s3:GetObject*",
36-
"s3:HeadObject",
3736
"s3:List*",
3837
"s3:PutObject",
3938
"s3:PutObjectLegalHold",

packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-bucket.js.snapshot/aws-cdk-codebuild.template.json

-1
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,6 @@
3131
"Action": [
3232
"s3:GetBucket*",
3333
"s3:GetObject*",
34-
"s3:HeadObject",
3534
"s3:List*"
3635
],
3736
"Effect": "Allow",

packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-buildspec-artifacts.js.snapshot/aws-cdk-codebuild-buildspec-artifact-name.template.json

-1
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,6 @@
3333
"s3:DeleteObject*",
3434
"s3:GetBucket*",
3535
"s3:GetObject*",
36-
"s3:HeadObject",
3736
"s3:List*",
3837
"s3:PutObject",
3938
"s3:PutObjectLegalHold",

packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-secondary-sources-artifacts.js.snapshot/aws-cdk-codebuild-secondary-sources-artifacts.template.json

-2
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,6 @@
3131
"Action": [
3232
"s3:GetBucket*",
3333
"s3:GetObject*",
34-
"s3:HeadObject",
3534
"s3:List*"
3635
],
3736
"Effect": "Allow",
@@ -64,7 +63,6 @@
6463
"s3:DeleteObject*",
6564
"s3:GetBucket*",
6665
"s3:GetObject*",
67-
"s3:HeadObject",
6866
"s3:List*",
6967
"s3:PutObject",
7068
"s3:PutObjectLegalHold",

packages/@aws-cdk-testing/framework-integ/test/aws-codedeploy/test/server/integ.deployment-group.js.snapshot/aws-cdk-codedeploy-server-dg.template.json

-1
Original file line numberDiff line numberDiff line change
@@ -445,7 +445,6 @@
445445
"Action": [
446446
"s3:GetBucket*",
447447
"s3:GetObject*",
448-
"s3:HeadObject",
449448
"s3:List*"
450449
],
451450
"Effect": "Allow",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/cloudformation/integ.stacksets.js.snapshot/StackSetPipelineStack.template.json

-3
Original file line numberDiff line numberDiff line change
@@ -170,7 +170,6 @@
170170
"s3:DeleteObject*",
171171
"s3:GetBucket*",
172172
"s3:GetObject*",
173-
"s3:HeadObject",
174173
"s3:List*",
175174
"s3:PutObject",
176175
"s3:PutObjectLegalHold",
@@ -393,7 +392,6 @@
393392
"Action": [
394393
"s3:GetBucket*",
395394
"s3:GetObject*",
396-
"s3:HeadObject",
397395
"s3:List*"
398396
],
399397
"Effect": "Allow",
@@ -558,7 +556,6 @@
558556
"Action": [
559557
"s3:GetBucket*",
560558
"s3:GetObject*",
561-
"s3:HeadObject",
562559
"s3:List*"
563560
],
564561
"Effect": "Allow",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.cfn-template-from-repo.lit.js.snapshot/aws-cdk-codepipeline-cloudformation.template.json

-4
Original file line numberDiff line numberDiff line change
@@ -158,7 +158,6 @@
158158
"s3:DeleteObject*",
159159
"s3:GetBucket*",
160160
"s3:GetObject*",
161-
"s3:HeadObject",
162161
"s3:List*",
163162
"s3:PutObject",
164163
"s3:PutObjectLegalHold",
@@ -434,7 +433,6 @@
434433
"s3:DeleteObject*",
435434
"s3:GetBucket*",
436435
"s3:GetObject*",
437-
"s3:HeadObject",
438436
"s3:List*",
439437
"s3:PutObject",
440438
"s3:PutObjectLegalHold",
@@ -560,7 +558,6 @@
560558
"Action": [
561559
"s3:GetBucket*",
562560
"s3:GetObject*",
563-
"s3:HeadObject",
564561
"s3:List*"
565562
],
566563
"Effect": "Allow",
@@ -671,7 +668,6 @@
671668
"Action": [
672669
"s3:GetBucket*",
673670
"s3:GetObject*",
674-
"s3:HeadObject",
675671
"s3:List*"
676672
],
677673
"Effect": "Allow",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.js.snapshot/PipelineStack.template.json

-7
Original file line numberDiff line numberDiff line change
@@ -152,7 +152,6 @@
152152
"s3:DeleteObject*",
153153
"s3:GetBucket*",
154154
"s3:GetObject*",
155-
"s3:HeadObject",
156155
"s3:List*",
157156
"s3:PutObject",
158157
"s3:PutObjectLegalHold",
@@ -498,7 +497,6 @@
498497
"s3:DeleteObject*",
499498
"s3:GetBucket*",
500499
"s3:GetObject*",
501-
"s3:HeadObject",
502500
"s3:List*",
503501
"s3:PutObject",
504502
"s3:PutObjectLegalHold",
@@ -616,7 +614,6 @@
616614
"s3:DeleteObject*",
617615
"s3:GetBucket*",
618616
"s3:GetObject*",
619-
"s3:HeadObject",
620617
"s3:List*",
621618
"s3:PutObject",
622619
"s3:PutObjectLegalHold",
@@ -926,7 +923,6 @@
926923
"Action": [
927924
"s3:GetBucket*",
928925
"s3:GetObject*",
929-
"s3:HeadObject",
930926
"s3:List*"
931927
],
932928
"Effect": "Allow",
@@ -1035,7 +1031,6 @@
10351031
"Action": [
10361032
"s3:GetBucket*",
10371033
"s3:GetObject*",
1038-
"s3:HeadObject",
10391034
"s3:List*"
10401035
],
10411036
"Effect": "Allow",
@@ -1352,7 +1347,6 @@
13521347
"s3:DeleteObject*",
13531348
"s3:GetBucket*",
13541349
"s3:GetObject*",
1355-
"s3:HeadObject",
13561350
"s3:List*",
13571351
"s3:PutObject",
13581352
"s3:PutObjectLegalHold",
@@ -1564,7 +1558,6 @@
15641558
"s3:DeleteObject*",
15651559
"s3:GetBucket*",
15661560
"s3:GetObject*",
1567-
"s3:HeadObject",
15681561
"s3:List*",
15691562
"s3:PutObject",
15701563
"s3:PutObjectLegalHold",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.lambda-pipeline.js.snapshot/aws-cdk-codepipeline-lambda.template.json

-2
Original file line numberDiff line numberDiff line change
@@ -152,7 +152,6 @@
152152
"s3:DeleteObject*",
153153
"s3:GetBucket*",
154154
"s3:GetObject*",
155-
"s3:HeadObject",
156155
"s3:List*",
157156
"s3:PutObject",
158157
"s3:PutObjectLegalHold",
@@ -361,7 +360,6 @@
361360
"Action": [
362361
"s3:GetBucket*",
363362
"s3:GetObject*",
364-
"s3:HeadObject",
365363
"s3:List*"
366364
],
367365
"Effect": "Allow",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-alexa-deploy.js.snapshot/aws-cdk-codepipeline-alexa-deploy.template.json

-2
Original file line numberDiff line numberDiff line change
@@ -162,7 +162,6 @@
162162
"s3:DeleteObject*",
163163
"s3:GetBucket*",
164164
"s3:GetObject*",
165-
"s3:HeadObject",
166165
"s3:List*",
167166
"s3:PutObject",
168167
"s3:PutObjectLegalHold",
@@ -362,7 +361,6 @@
362361
"Action": [
363362
"s3:GetBucket*",
364363
"s3:GetObject*",
365-
"s3:HeadObject",
366364
"s3:List*"
367365
],
368366
"Effect": "Allow",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn-cross-region.js.snapshot/aws-cdk-codepipeline-cloudformation-cross-region.template.json

-4
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,6 @@
3838
"s3:DeleteObject*",
3939
"s3:GetBucket*",
4040
"s3:GetObject*",
41-
"s3:HeadObject",
4241
"s3:List*",
4342
"s3:PutObject",
4443
"s3:PutObjectLegalHold",
@@ -234,7 +233,6 @@
234233
"Action": [
235234
"s3:GetBucket*",
236235
"s3:GetObject*",
237-
"s3:HeadObject",
238236
"s3:List*"
239237
],
240238
"Effect": "Allow",
@@ -353,7 +351,6 @@
353351
"Action": [
354352
"s3:GetBucket*",
355353
"s3:GetObject*",
356-
"s3:HeadObject",
357354
"s3:List*"
358355
],
359356
"Effect": "Allow",
@@ -441,7 +438,6 @@
441438
"Action": [
442439
"s3:GetBucket*",
443440
"s3:GetObject*",
444-
"s3:HeadObject",
445441
"s3:List*"
446442
],
447443
"Effect": "Allow",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn-with-action-role.js.snapshot/aws-cdk-codepipeline-cloudformation-cross-region-with-action-role.template.json

-4
Original file line numberDiff line numberDiff line change
@@ -66,7 +66,6 @@
6666
"Action": [
6767
"s3:GetBucket*",
6868
"s3:GetObject*",
69-
"s3:HeadObject",
7069
"s3:List*"
7170
],
7271
"Effect": "Allow",
@@ -164,7 +163,6 @@
164163
"s3:DeleteObject*",
165164
"s3:GetBucket*",
166165
"s3:GetObject*",
167-
"s3:HeadObject",
168166
"s3:List*",
169167
"s3:PutObject",
170168
"s3:PutObjectLegalHold",
@@ -358,7 +356,6 @@
358356
"Action": [
359357
"s3:GetBucket*",
360358
"s3:GetObject*",
361-
"s3:HeadObject",
362359
"s3:List*"
363360
],
364361
"Effect": "Allow",
@@ -456,7 +453,6 @@
456453
"Action": [
457454
"s3:GetBucket*",
458455
"s3:GetObject*",
459-
"s3:HeadObject",
460456
"s3:List*"
461457
],
462458
"Effect": "Allow",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn.js.snapshot/aws-cdk-codepipeline-cloudformation.template.json

-4
Original file line numberDiff line numberDiff line change
@@ -152,7 +152,6 @@
152152
"s3:DeleteObject*",
153153
"s3:GetBucket*",
154154
"s3:GetObject*",
155-
"s3:HeadObject",
156155
"s3:List*",
157156
"s3:PutObject",
158157
"s3:PutObjectLegalHold",
@@ -409,7 +408,6 @@
409408
"Action": [
410409
"s3:GetBucket*",
411410
"s3:GetObject*",
412-
"s3:HeadObject",
413411
"s3:List*"
414412
],
415413
"Effect": "Allow",
@@ -537,7 +535,6 @@
537535
"Action": [
538536
"s3:GetBucket*",
539537
"s3:GetObject*",
540-
"s3:HeadObject",
541538
"s3:List*"
542539
],
543540
"Effect": "Allow",
@@ -675,7 +672,6 @@
675672
"Action": [
676673
"s3:GetBucket*",
677674
"s3:GetObject*",
678-
"s3:HeadObject",
679675
"s3:List*"
680676
],
681677
"Effect": "Allow",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-build-batch.js.snapshot/aws-cdk-codepipeline-codebuild-batch.template.json

-2
Original file line numberDiff line numberDiff line change
@@ -109,7 +109,6 @@
109109
"s3:DeleteObject*",
110110
"s3:GetBucket*",
111111
"s3:GetObject*",
112-
"s3:HeadObject",
113112
"s3:List*",
114113
"s3:PutObject",
115114
"s3:PutObjectLegalHold",
@@ -426,7 +425,6 @@
426425
"Action": [
427426
"s3:GetBucket*",
428427
"s3:GetObject*",
429-
"s3:HeadObject",
430428
"s3:List*"
431429
],
432430
"Effect": "Allow",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-build-multiple-inputs-outputs.js.snapshot/aws-cdk-codepipeline-codebuild-multiple-inputs-outputs.template.json

-3
Original file line numberDiff line numberDiff line change
@@ -109,7 +109,6 @@
109109
"s3:DeleteObject*",
110110
"s3:GetBucket*",
111111
"s3:GetObject*",
112-
"s3:HeadObject",
113112
"s3:List*",
114113
"s3:PutObject",
115114
"s3:PutObjectLegalHold",
@@ -171,7 +170,6 @@
171170
"Action": [
172171
"s3:GetBucket*",
173172
"s3:GetObject*",
174-
"s3:HeadObject",
175173
"s3:List*"
176174
],
177175
"Effect": "Allow",
@@ -532,7 +530,6 @@
532530
"s3:DeleteObject*",
533531
"s3:GetBucket*",
534532
"s3:GetObject*",
535-
"s3:HeadObject",
536533
"s3:List*",
537534
"s3:PutObject",
538535
"s3:PutObjectLegalHold",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-commit-build.js.snapshot/aws-cdk-codepipeline-codecommit-codebuild.template.json

-3
Original file line numberDiff line numberDiff line change
@@ -91,7 +91,6 @@
9191
"s3:DeleteObject*",
9292
"s3:GetBucket*",
9393
"s3:GetObject*",
94-
"s3:HeadObject",
9594
"s3:List*",
9695
"s3:PutObject",
9796
"s3:PutObjectLegalHold",
@@ -359,7 +358,6 @@
359358
"s3:DeleteObject*",
360359
"s3:GetBucket*",
361360
"s3:GetObject*",
362-
"s3:HeadObject",
363361
"s3:List*",
364362
"s3:PutObject",
365363
"s3:PutObjectLegalHold",
@@ -616,7 +614,6 @@
616614
"s3:DeleteObject*",
617615
"s3:GetBucket*",
618616
"s3:GetObject*",
619-
"s3:HeadObject",
620617
"s3:List*",
621618
"s3:PutObject",
622619
"s3:PutObjectLegalHold",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-commit.js.snapshot/aws-cdk-codepipeline-codecommit.template.json

-2
Original file line numberDiff line numberDiff line change
@@ -223,7 +223,6 @@
223223
"s3:DeleteObject*",
224224
"s3:GetBucket*",
225225
"s3:GetObject*",
226-
"s3:HeadObject",
227226
"s3:List*",
228227
"s3:PutObject",
229228
"s3:PutObjectLegalHold",
@@ -432,7 +431,6 @@
432431
"s3:DeleteObject*",
433432
"s3:GetBucket*",
434433
"s3:GetObject*",
435-
"s3:HeadObject",
436434
"s3:List*",
437435
"s3:PutObject",
438436
"s3:PutObjectLegalHold",

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-deploy-ecs.js.snapshot/aws-cdk-codepipeline-codedeploy-ecs.template.json

-3
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,6 @@
3838
"s3:DeleteObject*",
3939
"s3:GetBucket*",
4040
"s3:GetObject*",
41-
"s3:HeadObject",
4241
"s3:List*",
4342
"s3:PutObject",
4443
"s3:PutObjectLegalHold",
@@ -231,7 +230,6 @@
231230
"Action": [
232231
"s3:GetBucket*",
233232
"s3:GetObject*",
234-
"s3:HeadObject",
235233
"s3:List*"
236234
],
237235
"Effect": "Allow",
@@ -440,7 +438,6 @@
440438
"Action": [
441439
"s3:GetBucket*",
442440
"s3:GetObject*",
443-
"s3:HeadObject",
444441
"s3:List*"
445442
],
446443
"Effect": "Allow",

0 commit comments

Comments
 (0)