...
Code Block |
---|
{ "Version": "2012-10-17", "Statement": [ { "Sid": "BplmS3TaggingWkspStorageCostPolicy", "Effect": "Allow", "Action": [ "s3:GetBucketTagging", "s3:PutBucketTagging" ], "Resource": "arn:aws:s3:::*" }, { "Sid": "BplmNatGatewayTaggingPolicy", "Effect": "Allow", "Action": [ "ec2:DeleteTags", "ec2:CreateTags" ], "Resource": [ "arn:aws:ec2:*:<Databricks_Wksp_AWS_Account_Id>:natgateway/*", "arn:aws:ec2:*:<Databricks_Wksp_AWS_Account_Id>:natgateway/*", "arn:aws:ec2:*:<Databricks_Wksp_AWS_Account_Id>:vpc/*", "arn:aws:ec2:*:<Databricks_Wksp_AWS_Account_Id>:internet-gateway/*", "arn:aws:ec2:*:<Databricks_Wksp_AWS_Account_Id>:elastic-ip/*", "arn:aws:ec2:*:<Databricks_Wksp_AWS_Account_Id>:route-table/*", "arn:aws:ec2:*:<Databricks_Wksp_AWS_Account_Id>:vpc-endpoint/*" ] }, { "Sid": "BplmNatGatewayVpcsTaggingPolicy", "Effect": "Allow", "Action": [ "ec2:DescribeVpcs", "ec2:DescribeNatGateways", "ec2:DescribeVpcEndpoints", "ec2:DescribeAddresses", "ec2:DescribeInternetGateways", "ec2:DescribeRouteTables" ], "Resource": "*" } ] } |
...