From fa7337c3725d16b5a399ed028a20a8f25deb0e6e Mon Sep 17 00:00:00 2001 From: Kaizen Conroy <36202692+kaizencc@users.noreply.github.com> Date: Mon, 16 Oct 2023 09:32:41 -0400 Subject: [PATCH] Revert "fix(s3): grantRead does not allow s3:HeadObject (#27416)" This reverts commit beac6753021138ee56abdbf02eef0318f7098dde. --- .../CodeBuildAssetBuildSpecStack.template.json | 1 - .../aws-cdk-codebuild.template.json | 1 - .../aws-cdk-codebuild.template.json | 1 - ...-codebuild-buildspec-artifact-name.template.json | 1 - ...ebuild-secondary-sources-artifacts.template.json | 2 -- .../aws-cdk-codedeploy-server-dg.template.json | 1 - .../StackSetPipelineStack.template.json | 3 --- ...ws-cdk-codepipeline-cloudformation.template.json | 4 ---- .../PipelineStack.template.json | 7 ------- .../aws-cdk-codepipeline-lambda.template.json | 2 -- .../aws-cdk-codepipeline-alexa-deploy.template.json | 2 -- ...peline-cloudformation-cross-region.template.json | 4 ---- ...tion-cross-region-with-action-role.template.json | 4 ---- ...ws-cdk-codepipeline-cloudformation.template.json | 4 ---- ...s-cdk-codepipeline-codebuild-batch.template.json | 2 -- ...-codebuild-multiple-inputs-outputs.template.json | 3 --- ...-codepipeline-codecommit-codebuild.template.json | 3 --- .../aws-cdk-codepipeline-codecommit.template.json | 2 -- ...ws-cdk-codepipeline-codedeploy-ecs.template.json | 3 --- .../aws-cdk-codepipeline-codedeploy.template.json | 3 --- .../aws-cdk-codepipeline-ecr-source.template.json | 1 - .../aws-cdk-codepipeline-ecs-deploy.template.json | 4 ---- ...-cdk-pipeline-ecs-separate-sources.template.json | 7 ------- ...epipeline-elastic-beanstalk-deploy.template.json | 5 ----- .../aws-cdk-pipeline-event-target.template.json | 3 --- .../aws-cdk-codepipeline-jenkins.template.json | 2 -- ...s-cdk-codepipeline-manual-approval.template.json | 2 -- .../aws-cdk-codepipeline-s3-deploy.template.json | 4 ---- ...aws-cdk-codepipeline-stepfunctions.template.json | 2 -- .../integ-pipeline-consumer-stack.template.json | 3 --- .../PipelineStack.template.json | 3 --- .../integ-init.template.json | 1 - .../aws-ecs-integ.template.json | 2 -- .../aws-cdk-eks-import-cluster-test.template.json | 1 - .../aws-cdk-eks-cluster-ipv6-test.template.json | 1 - .../aws-cdk-eks-cluster-test.template.json | 1 - .../aws-cdk-eks-helm-test.template.json | 1 - .../pipeline-events.template.json | 1 - .../aws-cdk-firehose-event-target.template.json | 1 - .../aws-cdk-rds-s3-integ.template.json | 2 -- .../aws-cdk-rds-s3-mysql-8-integ.template.json | 1 - ...cdk-rds-instance-s3-postgres-integ.template.json | 2 -- .../aws-cdk-rds-instance-s3-integ.template.json | 2 -- .../cdk-integ-assets-bundling.template.json | 1 - .../aws-cdk-asset-test.template.json | 1 - .../cdk-integ-assets-bundling.template.json | 1 - .../aws-cdk-asset-file-test.template.json | 1 - .../aws-cdk-asset-refs.template.json | 1 - .../aws-cdk-asset-refs.template.json | 1 - .../test-bucket-deployments-1.template.json | 2 -- .../TestBucketDeploymentContent.template.json | 2 -- ...-bucket-deployment-deployed-bucket.template.json | 2 -- .../test-bucket-deployment-signobject.template.json | 2 -- ...k-s3-deploy-substitution-with-role.template.json | 2 -- .../test-s3-deploy-substitution.template.json | 2 -- .../test-bucket-deployments-2.template.json | 4 ---- .../ConsumerStack.template.json | 1 - .../aws-cdk-s3.template.json | 2 -- ...-cdk-nested-stack-in-product-stack.template.json | 2 -- ...icecatalog-product-encrypted-asset.template.json | 2 -- .../integ-servicecatalog-product.template.json | 2 -- .../integ-servicecatalog-two-products.template.json | 2 -- ...s-emr-containers-all-services-test.template.json | 1 - .../aws-stepfunctions-integ.template.json | 1 - .../aws-stepfunctions-integ.template.json | 1 - .../aws-stepfunctions-integ-sagemaker.template.json | 1 - .../integ-stepfunctions-sagemaker.template.json | 1 - .../PipelineStack.template.json | 4 ---- .../PipelineStack.template.json | 4 ---- .../PipelinesFileSystemLocations.template.json | 5 ----- .../PipelineStack.template.json | 5 ----- .../PipelineStack.template.json | 4 ---- .../PipelineSecurityStack.template.json | 6 ------ .../PipelineStack.template.json | 4 ---- .../PipelineStack.template.json | 7 ------- .../PipelineStack.template.json | 7 ------- .../StackOutputPipelineStack.template.json | 3 --- .../VariablePipelineStack.template.json | 7 ------- .../PreparelessPipelineStack.template.json | 4 ---- .../PipelineStack.template.json | 6 ------ ...efault-resourcesmax-ACCOUNT-REGION.template.json | 1 - ...efault-resourcesmax-ACCOUNT-REGION.template.json | 2 -- .../aws-appconfig-configuration.template.json | 5 ----- .../aws-apprunner-alpha/test/service.test.ts | 1 - packages/@aws-cdk/aws-glue-alpha/test/code.test.ts | 2 -- .../aws-glue-job-python-shell.template.json | 2 -- .../aws-glue-job.template.json | 13 ------------- .../aws-cdk-glue.template.json | 2 -- packages/@aws-cdk/aws-glue-alpha/test/job.test.ts | 4 ---- .../@aws-cdk/aws-glue-alpha/test/s3-table.test.ts | 2 -- .../aws-glue-alpha/test/table-deprecated.test.ts | 2 -- .../test-stack.template.json | 1 - .../test/application.test.ts | 4 ++-- .../FlinkAppCodeFromBucketTest.template.json | 1 - .../FlinkAppTest.template.json | 1 - .../FlinkAppTest.template.json | 1 - .../aws-cdk-firehose-delivery-stream.template.json | 1 - ...hose-delivery-stream-source-stream.template.json | 1 - ...-delivery-stream-s3-all-properties.template.json | 1 - .../test/s3-bucket.test.ts | 2 -- .../aws-cdk-sagemaker-endpointconfig.template.json | 1 - .../aws-cdk-sagemaker-endpoint-alarms.template.json | 1 - .../aws-cdk-sagemaker-endpoint.template.json | 1 - .../aws-cdk-sagemaker-model.template.json | 2 -- .../aws-codebuild/test/codebuild.test.ts | 1 - .../cloudformation-pipeline-actions.test.ts | 3 --- ...cloudformation-stackset-pipeline-actions.test.ts | 1 - .../test/lambda/lambda-invoke-action.test.ts | 2 -- .../aws-codepipeline-actions/test/pipeline.test.ts | 1 - .../test/s3/s3-deploy-action.test.ts | 1 - packages/aws-cdk-lib/aws-ec2/test/cfn-init.test.ts | 6 +++--- packages/aws-cdk-lib/aws-rds/test/cluster.test.ts | 2 -- packages/aws-cdk-lib/aws-rds/test/instance.test.ts | 2 -- .../aws-cdk-lib/aws-s3-assets/test/asset.test.ts | 2 +- .../test/bucket-deployment.test.ts | 2 -- packages/aws-cdk-lib/aws-s3/lib/perms.ts | 1 - packages/aws-cdk-lib/aws-s3/test/bucket.test.ts | 9 +-------- .../aws-servicecatalog/test/portfolio.test.ts | 2 +- .../test/emrcontainers/start-job-run.test.ts | 2 -- .../aws-stepfunctions/test/state-machine.test.ts | 1 - .../pipelines/test/compliance/assets.test.ts | 2 +- .../pipelines/test/compliance/environments.test.ts | 6 +++--- .../pipelines/test/compliance/synths.test.ts | 2 +- .../pipelines/test/compliance/validations.test.ts | 2 +- 124 files changed, 14 insertions(+), 299 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.asset-build-spec.js.snapshot/CodeBuildAssetBuildSpecStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.asset-build-spec.js.snapshot/CodeBuildAssetBuildSpecStack.template.json index ecc682e19a3e5..c4231385ef554 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.asset-build-spec.js.snapshot/CodeBuildAssetBuildSpecStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.asset-build-spec.js.snapshot/CodeBuildAssetBuildSpecStack.template.json @@ -26,7 +26,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.caching.js.snapshot/aws-cdk-codebuild.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.caching.js.snapshot/aws-cdk-codebuild.template.json index 542e17c5c0896..bb229d9f143c6 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.caching.js.snapshot/aws-cdk-codebuild.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.caching.js.snapshot/aws-cdk-codebuild.template.json @@ -33,7 +33,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-bucket.js.snapshot/aws-cdk-codebuild.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-bucket.js.snapshot/aws-cdk-codebuild.template.json index 1936d7f043131..2e7587aa97929 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-bucket.js.snapshot/aws-cdk-codebuild.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-bucket.js.snapshot/aws-cdk-codebuild.template.json @@ -31,7 +31,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-buildspec-artifacts.js.snapshot/aws-cdk-codebuild-buildspec-artifact-name.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-buildspec-artifacts.js.snapshot/aws-cdk-codebuild-buildspec-artifact-name.template.json index 8cf406cca010d..5267ba939c5d5 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-buildspec-artifacts.js.snapshot/aws-cdk-codebuild-buildspec-artifact-name.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-buildspec-artifacts.js.snapshot/aws-cdk-codebuild-buildspec-artifact-name.template.json @@ -33,7 +33,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-secondary-sources-artifacts.js.snapshot/aws-cdk-codebuild-secondary-sources-artifacts.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-secondary-sources-artifacts.js.snapshot/aws-cdk-codebuild-secondary-sources-artifacts.template.json index c25aab78a7ae4..05e907f202018 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-secondary-sources-artifacts.js.snapshot/aws-cdk-codebuild-secondary-sources-artifacts.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.project-secondary-sources-artifacts.js.snapshot/aws-cdk-codebuild-secondary-sources-artifacts.template.json @@ -31,7 +31,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -64,7 +63,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codedeploy/test/server/integ.deployment-group.js.snapshot/aws-cdk-codedeploy-server-dg.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codedeploy/test/server/integ.deployment-group.js.snapshot/aws-cdk-codedeploy-server-dg.template.json index eee7773e28624..4875a40c9139a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codedeploy/test/server/integ.deployment-group.js.snapshot/aws-cdk-codedeploy-server-dg.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codedeploy/test/server/integ.deployment-group.js.snapshot/aws-cdk-codedeploy-server-dg.template.json @@ -445,7 +445,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/cloudformation/integ.stacksets.js.snapshot/StackSetPipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/cloudformation/integ.stacksets.js.snapshot/StackSetPipelineStack.template.json index 40eac48b94faa..fa3757f93ac36 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/cloudformation/integ.stacksets.js.snapshot/StackSetPipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/cloudformation/integ.stacksets.js.snapshot/StackSetPipelineStack.template.json @@ -170,7 +170,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -393,7 +392,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -558,7 +556,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.cfn-template-from-repo.lit.js.snapshot/aws-cdk-codepipeline-cloudformation.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.cfn-template-from-repo.lit.js.snapshot/aws-cdk-codepipeline-cloudformation.template.json index c0d51abdd7a72..15cbb079c47d0 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.cfn-template-from-repo.lit.js.snapshot/aws-cdk-codepipeline-cloudformation.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.cfn-template-from-repo.lit.js.snapshot/aws-cdk-codepipeline-cloudformation.template.json @@ -158,7 +158,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -434,7 +433,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -560,7 +558,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -671,7 +668,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.js.snapshot/PipelineStack.template.json index 68b1c9684baae..3f2e680f53298 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.js.snapshot/PipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.js.snapshot/PipelineStack.template.json @@ -152,7 +152,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -498,7 +497,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -616,7 +614,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -926,7 +923,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1035,7 +1031,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1352,7 +1347,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1564,7 +1558,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.lambda-pipeline.js.snapshot/aws-cdk-codepipeline-lambda.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.lambda-pipeline.js.snapshot/aws-cdk-codepipeline-lambda.template.json index 18165949185e2..4ce100cedd9f4 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.lambda-pipeline.js.snapshot/aws-cdk-codepipeline-lambda.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.lambda-pipeline.js.snapshot/aws-cdk-codepipeline-lambda.template.json @@ -152,7 +152,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -361,7 +360,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-alexa-deploy.js.snapshot/aws-cdk-codepipeline-alexa-deploy.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-alexa-deploy.js.snapshot/aws-cdk-codepipeline-alexa-deploy.template.json index 788098628cb16..04020db26c6bd 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-alexa-deploy.js.snapshot/aws-cdk-codepipeline-alexa-deploy.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-alexa-deploy.js.snapshot/aws-cdk-codepipeline-alexa-deploy.template.json @@ -162,7 +162,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -362,7 +361,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn-cross-region.js.snapshot/aws-cdk-codepipeline-cloudformation-cross-region.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn-cross-region.js.snapshot/aws-cdk-codepipeline-cloudformation-cross-region.template.json index f104bc125995d..b2db804374e1e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn-cross-region.js.snapshot/aws-cdk-codepipeline-cloudformation-cross-region.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn-cross-region.js.snapshot/aws-cdk-codepipeline-cloudformation-cross-region.template.json @@ -38,7 +38,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -234,7 +233,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -353,7 +351,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -441,7 +438,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn-with-action-role.js.snapshot/aws-cdk-codepipeline-cloudformation-cross-region-with-action-role.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn-with-action-role.js.snapshot/aws-cdk-codepipeline-cloudformation-cross-region-with-action-role.template.json index f883b801913e1..54333dbbb4f01 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn-with-action-role.js.snapshot/aws-cdk-codepipeline-cloudformation-cross-region-with-action-role.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn-with-action-role.js.snapshot/aws-cdk-codepipeline-cloudformation-cross-region-with-action-role.template.json @@ -66,7 +66,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -164,7 +163,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -358,7 +356,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -456,7 +453,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn.js.snapshot/aws-cdk-codepipeline-cloudformation.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn.js.snapshot/aws-cdk-codepipeline-cloudformation.template.json index 215070aa4ee9c..f12bb1627bece 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn.js.snapshot/aws-cdk-codepipeline-cloudformation.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-cfn.js.snapshot/aws-cdk-codepipeline-cloudformation.template.json @@ -152,7 +152,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -409,7 +408,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -537,7 +535,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -675,7 +672,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-build-batch.js.snapshot/aws-cdk-codepipeline-codebuild-batch.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-build-batch.js.snapshot/aws-cdk-codepipeline-codebuild-batch.template.json index da473b93c7885..3a98cdabf9392 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-build-batch.js.snapshot/aws-cdk-codepipeline-codebuild-batch.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-build-batch.js.snapshot/aws-cdk-codepipeline-codebuild-batch.template.json @@ -109,7 +109,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -426,7 +425,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-build-multiple-inputs-outputs.js.snapshot/aws-cdk-codepipeline-codebuild-multiple-inputs-outputs.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-build-multiple-inputs-outputs.js.snapshot/aws-cdk-codepipeline-codebuild-multiple-inputs-outputs.template.json index 14ab6e2a8be7d..03592efd7cdfd 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-build-multiple-inputs-outputs.js.snapshot/aws-cdk-codepipeline-codebuild-multiple-inputs-outputs.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-build-multiple-inputs-outputs.js.snapshot/aws-cdk-codepipeline-codebuild-multiple-inputs-outputs.template.json @@ -109,7 +109,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -171,7 +170,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -532,7 +530,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-commit-build.js.snapshot/aws-cdk-codepipeline-codecommit-codebuild.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-commit-build.js.snapshot/aws-cdk-codepipeline-codecommit-codebuild.template.json index 86e155cbb057d..7ab7817439e35 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-commit-build.js.snapshot/aws-cdk-codepipeline-codecommit-codebuild.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-commit-build.js.snapshot/aws-cdk-codepipeline-codecommit-codebuild.template.json @@ -91,7 +91,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -359,7 +358,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -616,7 +614,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-commit.js.snapshot/aws-cdk-codepipeline-codecommit.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-commit.js.snapshot/aws-cdk-codepipeline-codecommit.template.json index eb5211cb3b5a8..6a88f7d4af098 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-commit.js.snapshot/aws-cdk-codepipeline-codecommit.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-commit.js.snapshot/aws-cdk-codepipeline-codecommit.template.json @@ -223,7 +223,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -432,7 +431,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-deploy-ecs.js.snapshot/aws-cdk-codepipeline-codedeploy-ecs.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-deploy-ecs.js.snapshot/aws-cdk-codepipeline-codedeploy-ecs.template.json index 919517508d92e..d48839f3050d7 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-deploy-ecs.js.snapshot/aws-cdk-codepipeline-codedeploy-ecs.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-deploy-ecs.js.snapshot/aws-cdk-codepipeline-codedeploy-ecs.template.json @@ -38,7 +38,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -231,7 +230,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -440,7 +438,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-deploy.js.snapshot/aws-cdk-codepipeline-codedeploy.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-deploy.js.snapshot/aws-cdk-codepipeline-codedeploy.template.json index db00e99d10a16..3bcb10a14b4da 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-deploy.js.snapshot/aws-cdk-codepipeline-codedeploy.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-code-deploy.js.snapshot/aws-cdk-codepipeline-codedeploy.template.json @@ -112,7 +112,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -303,7 +302,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -507,7 +505,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecr-source.js.snapshot/aws-cdk-codepipeline-ecr-source.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecr-source.js.snapshot/aws-cdk-codepipeline-ecr-source.template.json index d3589288e8ed4..43e63a1eaea6e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecr-source.js.snapshot/aws-cdk-codepipeline-ecr-source.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecr-source.js.snapshot/aws-cdk-codepipeline-ecr-source.template.json @@ -33,7 +33,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecs-deploy.js.snapshot/aws-cdk-codepipeline-ecs-deploy.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecs-deploy.js.snapshot/aws-cdk-codepipeline-ecs-deploy.template.json index 60586509dba79..67d54e84dc3e0 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecs-deploy.js.snapshot/aws-cdk-codepipeline-ecs-deploy.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecs-deploy.js.snapshot/aws-cdk-codepipeline-ecs-deploy.template.json @@ -444,7 +444,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -598,7 +597,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -835,7 +833,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1035,7 +1032,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecs-separate-source.lit.js.snapshot/aws-cdk-pipeline-ecs-separate-sources.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecs-separate-source.lit.js.snapshot/aws-cdk-pipeline-ecs-separate-sources.template.json index 502779cf94763..bfd16eae92f25 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecs-separate-source.lit.js.snapshot/aws-cdk-pipeline-ecs-separate-sources.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecs-separate-source.lit.js.snapshot/aws-cdk-pipeline-ecs-separate-sources.template.json @@ -145,7 +145,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -385,7 +384,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -632,7 +630,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -946,7 +943,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1048,7 +1044,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1342,7 +1337,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1438,7 +1432,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-elastic-beanstalk-deploy.js.snapshot/aws-cdk-codepipeline-elastic-beanstalk-deploy.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-elastic-beanstalk-deploy.js.snapshot/aws-cdk-codepipeline-elastic-beanstalk-deploy.template.json index eda0364eafc4a..a37d6bc6997d6 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-elastic-beanstalk-deploy.js.snapshot/aws-cdk-codepipeline-elastic-beanstalk-deploy.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-elastic-beanstalk-deploy.js.snapshot/aws-cdk-codepipeline-elastic-beanstalk-deploy.template.json @@ -227,7 +227,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -271,7 +270,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -478,7 +476,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -675,7 +672,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -813,7 +809,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-events.js.snapshot/aws-cdk-pipeline-event-target.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-events.js.snapshot/aws-cdk-pipeline-event-target.template.json index 86c50d9c3a158..ca0a6faba2e5e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-events.js.snapshot/aws-cdk-pipeline-event-target.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-events.js.snapshot/aws-cdk-pipeline-event-target.template.json @@ -152,7 +152,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -376,7 +375,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -768,7 +766,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-jenkins.js.snapshot/aws-cdk-codepipeline-jenkins.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-jenkins.js.snapshot/aws-cdk-codepipeline-jenkins.template.json index 78064d34b378f..f32415ad85d69 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-jenkins.js.snapshot/aws-cdk-codepipeline-jenkins.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-jenkins.js.snapshot/aws-cdk-codepipeline-jenkins.template.json @@ -38,7 +38,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -251,7 +250,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-manual-approval.js.snapshot/aws-cdk-codepipeline-manual-approval.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-manual-approval.js.snapshot/aws-cdk-codepipeline-manual-approval.template.json index ba7fe9e6911ab..cad0f8daf8000 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-manual-approval.js.snapshot/aws-cdk-codepipeline-manual-approval.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-manual-approval.js.snapshot/aws-cdk-codepipeline-manual-approval.template.json @@ -33,7 +33,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -216,7 +215,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.js.snapshot/aws-cdk-codepipeline-s3-deploy.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.js.snapshot/aws-cdk-codepipeline-s3-deploy.template.json index 5f3b15d03a8a8..793c34ba09d50 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.js.snapshot/aws-cdk-codepipeline-s3-deploy.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.js.snapshot/aws-cdk-codepipeline-s3-deploy.template.json @@ -392,7 +392,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -659,7 +658,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -843,7 +841,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -972,7 +969,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-stepfunctions.js.snapshot/aws-cdk-codepipeline-stepfunctions.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-stepfunctions.js.snapshot/aws-cdk-codepipeline-stepfunctions.template.json index 138fd0a82319b..567555af9ce77 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-stepfunctions.js.snapshot/aws-cdk-codepipeline-stepfunctions.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-stepfunctions.js.snapshot/aws-cdk-codepipeline-stepfunctions.template.json @@ -186,7 +186,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -397,7 +396,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-with-replication.js.snapshot/integ-pipeline-consumer-stack.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-with-replication.js.snapshot/integ-pipeline-consumer-stack.template.json index 37a05d3db7569..01c46d2b4fe2e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-with-replication.js.snapshot/integ-pipeline-consumer-stack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-with-replication.js.snapshot/integ-pipeline-consumer-stack.template.json @@ -148,7 +148,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -383,7 +382,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -763,7 +761,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/s3/integ.source-bucket-events-cross-stack-same-env.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/s3/integ.source-bucket-events-cross-stack-same-env.js.snapshot/PipelineStack.template.json index 50f7d17a513fc..5c9baff630942 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/s3/integ.source-bucket-events-cross-stack-same-env.js.snapshot/PipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/s3/integ.source-bucket-events-cross-stack-same-env.js.snapshot/PipelineStack.template.json @@ -117,7 +117,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -356,7 +355,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -570,7 +568,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.template.json index bc2131c94c226..26b583d04e478 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.template.json @@ -445,7 +445,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/ec2/integ.environment-file.js.snapshot/aws-ecs-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/ec2/integ.environment-file.js.snapshot/aws-ecs-integ.template.json index bd500a75311e9..94d0972fad1da 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/ec2/integ.environment-file.js.snapshot/aws-ecs-integ.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/ec2/integ.environment-file.js.snapshot/aws-ecs-integ.template.json @@ -1248,7 +1248,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1292,7 +1291,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster-imported.js.snapshot/aws-cdk-eks-import-cluster-test.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster-imported.js.snapshot/aws-cdk-eks-import-cluster-test.template.json index af48a16650997..9a70d0f6035ba 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster-imported.js.snapshot/aws-cdk-eks-import-cluster-test.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster-imported.js.snapshot/aws-cdk-eks-import-cluster-test.template.json @@ -545,7 +545,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster-ipv6.js.snapshot/aws-cdk-eks-cluster-ipv6-test.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster-ipv6.js.snapshot/aws-cdk-eks-cluster-ipv6-test.template.json index 781271a8b1208..e2feaf3af783f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster-ipv6.js.snapshot/aws-cdk-eks-cluster-ipv6-test.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster-ipv6.js.snapshot/aws-cdk-eks-cluster-ipv6-test.template.json @@ -723,7 +723,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster-test.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster-test.template.json index e65a92eba98a3..48cbdeacf1e9f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster-test.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster-test.template.json @@ -571,7 +571,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-helm-asset.js.snapshot/aws-cdk-eks-helm-test.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-helm-asset.js.snapshot/aws-cdk-eks-helm-test.template.json index 33918897a2b22..34f22196836b3 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-helm-asset.js.snapshot/aws-cdk-eks-helm-test.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-helm-asset.js.snapshot/aws-cdk-eks-helm-test.template.json @@ -544,7 +544,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/codepipeline/integ.pipeline-event-target.js.snapshot/pipeline-events.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/codepipeline/integ.pipeline-event-target.js.snapshot/pipeline-events.template.json index 3f2debc2c7f22..99b4ce0e9452a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/codepipeline/integ.pipeline-event-target.js.snapshot/pipeline-events.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/codepipeline/integ.pipeline-event-target.js.snapshot/pipeline-events.template.json @@ -158,7 +158,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/kinesis-firehose/integ.kinesis-firehose-stream.js.snapshot/aws-cdk-firehose-event-target.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/kinesis-firehose/integ.kinesis-firehose-stream.js.snapshot/aws-cdk-firehose-event-target.template.json index bf2be6f908673..592f4eef1579f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/kinesis-firehose/integ.kinesis-firehose-stream.js.snapshot/aws-cdk-firehose-event-target.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/kinesis-firehose/integ.kinesis-firehose-stream.js.snapshot/aws-cdk-firehose-event-target.template.json @@ -33,7 +33,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.js.snapshot/aws-cdk-rds-s3-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.js.snapshot/aws-cdk-rds-s3-integ.template.json index a7190500d87a2..4e07f44f347c8 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.js.snapshot/aws-cdk-rds-s3-integ.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.js.snapshot/aws-cdk-rds-s3-integ.template.json @@ -518,7 +518,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -551,7 +550,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.mysql-8.js.snapshot/aws-cdk-rds-s3-mysql-8-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.mysql-8.js.snapshot/aws-cdk-rds-s3-mysql-8-integ.template.json index 25376719dcd64..2ac33a1ea212d 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.mysql-8.js.snapshot/aws-cdk-rds-s3-mysql-8-integ.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.mysql-8.js.snapshot/aws-cdk-rds-s3-mysql-8-integ.template.json @@ -454,7 +454,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance-s3-postgres.js.snapshot/aws-cdk-rds-instance-s3-postgres-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance-s3-postgres.js.snapshot/aws-cdk-rds-instance-s3-postgres-integ.template.json index 8e591599f81e4..0062655ad554e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance-s3-postgres.js.snapshot/aws-cdk-rds-instance-s3-postgres-integ.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance-s3-postgres.js.snapshot/aws-cdk-rds-instance-s3-postgres-integ.template.json @@ -421,7 +421,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -487,7 +486,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance-s3.js.snapshot/aws-cdk-rds-instance-s3-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance-s3.js.snapshot/aws-cdk-rds-instance-s3-integ.template.json index 314e2681a8bab..044db26f317fb 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance-s3.js.snapshot/aws-cdk-rds-instance-s3-integ.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance-s3.js.snapshot/aws-cdk-rds-instance-s3-integ.template.json @@ -457,7 +457,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -490,7 +489,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.bundling.lit.js.snapshot/cdk-integ-assets-bundling.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.bundling.lit.js.snapshot/cdk-integ-assets-bundling.template.json index c7cdebd7967cb..241b6f086f955 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.bundling.lit.js.snapshot/cdk-integ-assets-bundling.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.bundling.lit.js.snapshot/cdk-integ-assets-bundling.template.json @@ -12,7 +12,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.directory.lit.js.snapshot/aws-cdk-asset-test.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.directory.lit.js.snapshot/aws-cdk-asset-test.template.json index c7cdebd7967cb..241b6f086f955 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.directory.lit.js.snapshot/aws-cdk-asset-test.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.directory.lit.js.snapshot/aws-cdk-asset-test.template.json @@ -12,7 +12,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.file-bundling.lit.js.snapshot/cdk-integ-assets-bundling.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.file-bundling.lit.js.snapshot/cdk-integ-assets-bundling.template.json index c7cdebd7967cb..241b6f086f955 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.file-bundling.lit.js.snapshot/cdk-integ-assets-bundling.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.file-bundling.lit.js.snapshot/cdk-integ-assets-bundling.template.json @@ -12,7 +12,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.file.lit.js.snapshot/aws-cdk-asset-file-test.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.file.lit.js.snapshot/aws-cdk-asset-file-test.template.json index c7cdebd7967cb..241b6f086f955 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.file.lit.js.snapshot/aws-cdk-asset-file-test.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.file.lit.js.snapshot/aws-cdk-asset-file-test.template.json @@ -12,7 +12,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.permissions.lit.js.snapshot/aws-cdk-asset-refs.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.permissions.lit.js.snapshot/aws-cdk-asset-refs.template.json index 369c90ccb4c1b..20afa25c70cd8 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.permissions.lit.js.snapshot/aws-cdk-asset-refs.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.permissions.lit.js.snapshot/aws-cdk-asset-refs.template.json @@ -12,7 +12,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.refs.lit.js.snapshot/aws-cdk-asset-refs.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.refs.lit.js.snapshot/aws-cdk-asset-refs.template.json index 75193d8d0d39b..855b59b64f45c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.refs.lit.js.snapshot/aws-cdk-asset-refs.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.refs.lit.js.snapshot/aws-cdk-asset-refs.template.json @@ -32,7 +32,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.js.snapshot/test-bucket-deployments-1.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.js.snapshot/test-bucket-deployments-1.template.json index 7d4ca1b2e18b7..da66b0e50e4b2 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.js.snapshot/test-bucket-deployments-1.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.js.snapshot/test-bucket-deployments-1.template.json @@ -278,7 +278,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -322,7 +321,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-data.js.snapshot/TestBucketDeploymentContent.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-data.js.snapshot/TestBucketDeploymentContent.template.json index 33577b4db6e3b..b0e4fc31a8ca8 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-data.js.snapshot/TestBucketDeploymentContent.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-data.js.snapshot/TestBucketDeploymentContent.template.json @@ -150,7 +150,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -194,7 +193,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-deployed-bucket.js.snapshot/test-bucket-deployment-deployed-bucket.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-deployed-bucket.js.snapshot/test-bucket-deployment-deployed-bucket.template.json index 3d1bb4a8c9240..115732d465c8c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-deployed-bucket.js.snapshot/test-bucket-deployment-deployed-bucket.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-deployed-bucket.js.snapshot/test-bucket-deployment-deployed-bucket.template.json @@ -230,7 +230,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -274,7 +273,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-signcontent.js.snapshot/test-bucket-deployment-signobject.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-signcontent.js.snapshot/test-bucket-deployment-signobject.template.json index f406e27b3f7b9..03ca1cce00a89 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-signcontent.js.snapshot/test-bucket-deployment-signobject.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-signcontent.js.snapshot/test-bucket-deployment-signobject.template.json @@ -257,7 +257,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -301,7 +300,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-substitution-with-role.js.snapshot/cdk-s3-deploy-substitution-with-role.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-substitution-with-role.js.snapshot/cdk-s3-deploy-substitution-with-role.template.json index a99d3e9e971dc..44198da1f0327 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-substitution-with-role.js.snapshot/cdk-s3-deploy-substitution-with-role.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-substitution-with-role.js.snapshot/cdk-s3-deploy-substitution-with-role.template.json @@ -39,7 +39,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -83,7 +82,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-substitution.js.snapshot/test-s3-deploy-substitution.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-substitution.js.snapshot/test-s3-deploy-substitution.template.json index ef5eed4a95adf..93b685cc2d1ee 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-substitution.js.snapshot/test-s3-deploy-substitution.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-substitution.js.snapshot/test-s3-deploy-substitution.template.json @@ -151,7 +151,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -195,7 +194,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment.js.snapshot/test-bucket-deployments-2.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment.js.snapshot/test-bucket-deployments-2.template.json index 68f3285c915ec..d80d57e102eab 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment.js.snapshot/test-bucket-deployments-2.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment.js.snapshot/test-bucket-deployments-2.template.json @@ -239,7 +239,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -283,7 +282,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1184,7 +1182,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1228,7 +1225,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-sharing.js.snapshot/ConsumerStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-sharing.js.snapshot/ConsumerStack.template.json index 293e7cdc9d5c5..906df6ecc3ff8 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-sharing.js.snapshot/ConsumerStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-sharing.js.snapshot/ConsumerStack.template.json @@ -14,7 +14,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.js.snapshot/aws-cdk-s3.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.js.snapshot/aws-cdk-s3.template.json index 78ab63dfdc92a..addecf1a07382 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.js.snapshot/aws-cdk-s3.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.js.snapshot/aws-cdk-s3.template.json @@ -88,7 +88,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -140,7 +139,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.nested-stack-in-product-stack.js.snapshot/aws-cdk-nested-stack-in-product-stack.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.nested-stack-in-product-stack.js.snapshot/aws-cdk-nested-stack-in-product-stack.template.json index d6086606484c5..354f8a3602b44 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.nested-stack-in-product-stack.js.snapshot/aws-cdk-nested-stack-in-product-stack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.nested-stack-in-product-stack.js.snapshot/aws-cdk-nested-stack-in-product-stack.template.json @@ -98,7 +98,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -135,7 +134,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.product.encrypted.asset.js.snapshot/integ-servicecatalog-product-encrypted-asset.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.product.encrypted.asset.js.snapshot/integ-servicecatalog-product-encrypted-asset.template.json index 27ea4dca200e0..15eaefe8acb9d 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.product.encrypted.asset.js.snapshot/integ-servicecatalog-product-encrypted-asset.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.product.encrypted.asset.js.snapshot/integ-servicecatalog-product-encrypted-asset.template.json @@ -386,7 +386,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -423,7 +422,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.product.js.snapshot/integ-servicecatalog-product.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.product.js.snapshot/integ-servicecatalog-product.template.json index 6435efcacbc9f..fb9e0740f7335 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.product.js.snapshot/integ-servicecatalog-product.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.product.js.snapshot/integ-servicecatalog-product.template.json @@ -246,7 +246,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -283,7 +282,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.two-products.js.snapshot/integ-servicecatalog-two-products.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.two-products.js.snapshot/integ-servicecatalog-two-products.template.json index 4fba990982455..a7a63627c886d 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.two-products.js.snapshot/integ-servicecatalog-two-products.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-servicecatalog/test/integ.two-products.js.snapshot/integ-servicecatalog-two-products.template.json @@ -257,7 +257,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -294,7 +293,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emrcontainers/integ.job-submission-workflow.js.snapshot/aws-stepfunctions-tasks-emr-containers-all-services-test.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emrcontainers/integ.job-submission-workflow.js.snapshot/aws-stepfunctions-tasks-emr-containers-all-services-test.template.json index 58c677a74c37c..cea9167958a72 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emrcontainers/integ.job-submission-workflow.js.snapshot/aws-stepfunctions-tasks-emr-containers-all-services-test.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emrcontainers/integ.job-submission-workflow.js.snapshot/aws-stepfunctions-tasks-emr-containers-all-services-test.template.json @@ -1087,7 +1087,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/glue/integ.glue-task.js.snapshot/aws-stepfunctions-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/glue/integ.glue-task.js.snapshot/aws-stepfunctions-integ.template.json index 714cfcf2fb6c0..883741e07b733 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/glue/integ.glue-task.js.snapshot/aws-stepfunctions-integ.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/glue/integ.glue-task.js.snapshot/aws-stepfunctions-integ.template.json @@ -40,7 +40,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/glue/integ.start-job-run.js.snapshot/aws-stepfunctions-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/glue/integ.start-job-run.js.snapshot/aws-stepfunctions-integ.template.json index 7066e276b5f68..e054ff5a5c807 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/glue/integ.start-job-run.js.snapshot/aws-stepfunctions-integ.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/glue/integ.start-job-run.js.snapshot/aws-stepfunctions-integ.template.json @@ -40,7 +40,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/sagemaker/integ.call-sagemaker.js.snapshot/aws-stepfunctions-integ-sagemaker.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/sagemaker/integ.call-sagemaker.js.snapshot/aws-stepfunctions-integ-sagemaker.template.json index aafd7db7895e0..b1f00c6fb8c47 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/sagemaker/integ.call-sagemaker.js.snapshot/aws-stepfunctions-integ-sagemaker.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/sagemaker/integ.call-sagemaker.js.snapshot/aws-stepfunctions-integ-sagemaker.template.json @@ -105,7 +105,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/sagemaker/integ.create-training-job.js.snapshot/integ-stepfunctions-sagemaker.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/sagemaker/integ.create-training-job.js.snapshot/integ-stepfunctions-sagemaker.template.json index 129bfaa822cb5..c3525778207e9 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/sagemaker/integ.create-training-job.js.snapshot/integ-stepfunctions-sagemaker.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/sagemaker/integ.create-training-job.js.snapshot/integ-stepfunctions-sagemaker.template.json @@ -105,7 +105,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-codebuild-logging.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-codebuild-logging.js.snapshot/PipelineStack.template.json index 5dd43677474af..66eefea24034b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-codebuild-logging.js.snapshot/PipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-codebuild-logging.js.snapshot/PipelineStack.template.json @@ -68,7 +68,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -153,7 +152,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -2055,7 +2053,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -2413,7 +2410,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.template.json index 1e76b9a29c247..bc3610a87c7cb 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.template.json @@ -157,7 +157,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -242,7 +241,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -2104,7 +2102,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -2408,7 +2405,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-file-system-locations.js.snapshot/PipelinesFileSystemLocations.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-file-system-locations.js.snapshot/PipelinesFileSystemLocations.template.json index 7429d4c73766c..f9db4786bc4a3 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-file-system-locations.js.snapshot/PipelinesFileSystemLocations.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-file-system-locations.js.snapshot/PipelinesFileSystemLocations.template.json @@ -601,7 +601,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -686,7 +685,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1008,7 +1006,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1276,7 +1273,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1691,7 +1687,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-vpc.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-vpc.js.snapshot/PipelineStack.template.json index 631b00ea21fbd..5144b7a84f1a8 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-vpc.js.snapshot/PipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-vpc.js.snapshot/PipelineStack.template.json @@ -459,7 +459,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -544,7 +543,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1127,7 +1125,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1568,7 +1565,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1898,7 +1894,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline.js.snapshot/PipelineStack.template.json index b07adfe1daa4c..476a2b6f3ea0c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline.js.snapshot/PipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline.js.snapshot/PipelineStack.template.json @@ -68,7 +68,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -153,7 +152,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1990,7 +1988,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -2273,7 +2270,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-security.js.snapshot/PipelineSecurityStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-security.js.snapshot/PipelineSecurityStack.template.json index c98a018d86e70..31b8ac763d327 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-security.js.snapshot/PipelineSecurityStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-security.js.snapshot/PipelineSecurityStack.template.json @@ -298,7 +298,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -383,7 +382,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1557,7 +1555,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1825,7 +1822,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -2547,7 +2543,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -2892,7 +2887,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-artifact-bucket.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-artifact-bucket.js.snapshot/PipelineStack.template.json index 3c961b2f619bb..1490697d192bd 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-artifact-bucket.js.snapshot/PipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-artifact-bucket.js.snapshot/PipelineStack.template.json @@ -38,7 +38,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -267,7 +266,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -458,7 +456,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -741,7 +738,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-assets-single-upload.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-assets-single-upload.js.snapshot/PipelineStack.template.json index d092e6c4fbf82..4bfa5d8e80181 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-assets-single-upload.js.snapshot/PipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-assets-single-upload.js.snapshot/PipelineStack.template.json @@ -298,7 +298,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -383,7 +382,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -848,7 +846,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1116,7 +1113,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1458,7 +1454,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1696,7 +1691,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1900,7 +1894,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-assets.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-assets.js.snapshot/PipelineStack.template.json index a27d07f9c57b0..97408341b8cdb 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-assets.js.snapshot/PipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-assets.js.snapshot/PipelineStack.template.json @@ -298,7 +298,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -383,7 +382,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -875,7 +873,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1143,7 +1140,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1485,7 +1481,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1723,7 +1718,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1927,7 +1921,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-stack-outputs-in-custom-step.js.snapshot/StackOutputPipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-stack-outputs-in-custom-step.js.snapshot/StackOutputPipelineStack.template.json index 0fd2d313a8caf..a6f1c9de03e0f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-stack-outputs-in-custom-step.js.snapshot/StackOutputPipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-stack-outputs-in-custom-step.js.snapshot/StackOutputPipelineStack.template.json @@ -73,7 +73,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -158,7 +157,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -820,7 +818,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-variables.js.snapshot/VariablePipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-variables.js.snapshot/VariablePipelineStack.template.json index e4a9253265f30..811c2f4d1eb6a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-variables.js.snapshot/VariablePipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-with-variables.js.snapshot/VariablePipelineStack.template.json @@ -239,7 +239,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -494,7 +493,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -685,7 +683,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -786,7 +783,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -913,7 +909,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1022,7 +1017,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1149,7 +1143,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-without-prepare.js.snapshot/PreparelessPipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-without-prepare.js.snapshot/PreparelessPipelineStack.template.json index c71f77f851a42..90ccb6edb4c14 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-without-prepare.js.snapshot/PreparelessPipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline-without-prepare.js.snapshot/PreparelessPipelineStack.template.json @@ -210,7 +210,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -295,7 +294,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -586,7 +584,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -777,7 +774,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline.js.snapshot/PipelineStack.template.json index e3e2f396ad8ba..77fe88343914b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline.js.snapshot/PipelineStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.pipeline.js.snapshot/PipelineStack.template.json @@ -298,7 +298,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -383,7 +382,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -810,7 +808,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1078,7 +1075,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1420,7 +1416,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1658,7 +1653,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.js.snapshot/StagingStack-default-resourcesmax-ACCOUNT-REGION.template.json b/packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.js.snapshot/StagingStack-default-resourcesmax-ACCOUNT-REGION.template.json index 5e66c5e65976e..ca7bac420615b 100644 --- a/packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.js.snapshot/StagingStack-default-resourcesmax-ACCOUNT-REGION.template.json +++ b/packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.js.snapshot/StagingStack-default-resourcesmax-ACCOUNT-REGION.template.json @@ -54,7 +54,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.ts.snapshot/StagingStack-default-resourcesmax-ACCOUNT-REGION.template.json b/packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.ts.snapshot/StagingStack-default-resourcesmax-ACCOUNT-REGION.template.json index 72c93cb35d17e..ca7bac420615b 100644 --- a/packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.ts.snapshot/StagingStack-default-resourcesmax-ACCOUNT-REGION.template.json +++ b/packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.ts.snapshot/StagingStack-default-resourcesmax-ACCOUNT-REGION.template.json @@ -54,7 +54,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -344,7 +343,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.configuration.js.snapshot/aws-appconfig-configuration.template.json b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.configuration.js.snapshot/aws-appconfig-configuration.template.json index d7abb505cc66f..6dbdcb9b930ac 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.configuration.js.snapshot/aws-appconfig-configuration.template.json +++ b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.configuration.js.snapshot/aws-appconfig-configuration.template.json @@ -590,7 +590,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -634,7 +633,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1239,7 +1237,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -1453,7 +1450,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1615,7 +1611,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk/aws-apprunner-alpha/test/service.test.ts b/packages/@aws-cdk/aws-apprunner-alpha/test/service.test.ts index ed1e2801c0068..d73b9cf0d7a16 100644 --- a/packages/@aws-cdk/aws-apprunner-alpha/test/service.test.ts +++ b/packages/@aws-cdk/aws-apprunner-alpha/test/service.test.ts @@ -1301,7 +1301,6 @@ test('Service is grantable', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], Resource: [ diff --git a/packages/@aws-cdk/aws-glue-alpha/test/code.test.ts b/packages/@aws-cdk/aws-glue-alpha/test/code.test.ts index 20283841aaf94..f67d6f71526b4 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/code.test.ts +++ b/packages/@aws-cdk/aws-glue-alpha/test/code.test.ts @@ -43,7 +43,6 @@ describe('Code', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], Effect: 'Allow', @@ -153,7 +152,6 @@ describe('Code', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], Effect: 'Allow', diff --git a/packages/@aws-cdk/aws-glue-alpha/test/integ.job-python-shell.js.snapshot/aws-glue-job-python-shell.template.json b/packages/@aws-cdk/aws-glue-alpha/test/integ.job-python-shell.js.snapshot/aws-glue-job-python-shell.template.json index 27710430569eb..dece180ae8219 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/integ.job-python-shell.js.snapshot/aws-glue-job-python-shell.template.json +++ b/packages/@aws-cdk/aws-glue-alpha/test/integ.job-python-shell.js.snapshot/aws-glue-job-python-shell.template.json @@ -40,7 +40,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -167,7 +166,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.template.json b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.template.json index 038577fa9674b..e524ee21d34da 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.template.json +++ b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.template.json @@ -42,7 +42,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -78,7 +77,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -273,7 +271,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -403,7 +400,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -439,7 +435,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -634,7 +629,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -764,7 +758,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -800,7 +793,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -995,7 +987,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1123,7 +1114,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1249,7 +1239,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1375,7 +1364,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -1504,7 +1492,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk/aws-glue-alpha/test/integ.table.js.snapshot/aws-cdk-glue.template.json b/packages/@aws-cdk/aws-glue-alpha/test/integ.table.js.snapshot/aws-cdk-glue.template.json index a6af791ac5366..75020f0d007ad 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/integ.table.js.snapshot/aws-cdk-glue.template.json +++ b/packages/@aws-cdk/aws-glue-alpha/test/integ.table.js.snapshot/aws-cdk-glue.template.json @@ -774,7 +774,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", @@ -967,7 +966,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk/aws-glue-alpha/test/job.test.ts b/packages/@aws-cdk/aws-glue-alpha/test/job.test.ts index 92ab59c104914..748d89b5668a2 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/job.test.ts +++ b/packages/@aws-cdk/aws-glue-alpha/test/job.test.ts @@ -68,7 +68,6 @@ describe('Job', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], Effect: 'Allow', @@ -485,7 +484,6 @@ describe('Job', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', @@ -575,7 +573,6 @@ describe('Job', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', @@ -675,7 +672,6 @@ describe('Job', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', diff --git a/packages/@aws-cdk/aws-glue-alpha/test/s3-table.test.ts b/packages/@aws-cdk/aws-glue-alpha/test/s3-table.test.ts index 3283dab446f4c..c5e498ad61c41 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/s3-table.test.ts +++ b/packages/@aws-cdk/aws-glue-alpha/test/s3-table.test.ts @@ -792,7 +792,6 @@ describe('grants', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], Effect: 'Allow', @@ -1002,7 +1001,6 @@ describe('grants', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', diff --git a/packages/@aws-cdk/aws-glue-alpha/test/table-deprecated.test.ts b/packages/@aws-cdk/aws-glue-alpha/test/table-deprecated.test.ts index 62d803f079b5a..9803d72a36240 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/table-deprecated.test.ts +++ b/packages/@aws-cdk/aws-glue-alpha/test/table-deprecated.test.ts @@ -1118,7 +1118,6 @@ describe('grants', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], Effect: 'Allow', @@ -1328,7 +1327,6 @@ describe('grants', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', diff --git a/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.template.json b/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.template.json index 5f46a30499f75..0b0c7bce3882d 100644 --- a/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.template.json +++ b/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.template.json @@ -105,7 +105,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/application.test.ts b/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/application.test.ts index 8381ca7f1a852..996a018649db7 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/application.test.ts +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/application.test.ts @@ -81,7 +81,7 @@ describe('Application', () => { { Action: 'cloudwatch:PutMetricData', Effect: 'Allow', Resource: '*' }, // Access to read from the code bucket { - Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], Effect: 'Allow', Resource: Match.anyValue(), }, @@ -209,7 +209,7 @@ describe('Application', () => { PolicyDocument: { Version: '2012-10-17', Statement: Match.arrayWith([ - Match.objectLike({ Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'] }), + Match.objectLike({ Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'] }), ]), }, }); diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.application-code-from-bucket.lit.js.snapshot/FlinkAppCodeFromBucketTest.template.json b/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.application-code-from-bucket.lit.js.snapshot/FlinkAppCodeFromBucketTest.template.json index 91c82e63ebc2a..f7ddc667eef74 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.application-code-from-bucket.lit.js.snapshot/FlinkAppCodeFromBucketTest.template.json +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.application-code-from-bucket.lit.js.snapshot/FlinkAppCodeFromBucketTest.template.json @@ -31,7 +31,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.application.lit.js.snapshot/FlinkAppTest.template.json b/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.application.lit.js.snapshot/FlinkAppTest.template.json index c3638a20fca12..b9c3e751700b7 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.application.lit.js.snapshot/FlinkAppTest.template.json +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.application.lit.js.snapshot/FlinkAppTest.template.json @@ -31,7 +31,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.vpc-application.js.snapshot/FlinkAppTest.template.json b/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.vpc-application.js.snapshot/FlinkAppTest.template.json index 26c53685899b1..b2ab7859cf42a 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.vpc-application.js.snapshot/FlinkAppTest.template.json +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.vpc-application.js.snapshot/FlinkAppTest.template.json @@ -432,7 +432,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.template.json b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.template.json index 9a9541300dbb6..224216bc4fb4c 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.template.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.template.json @@ -33,7 +33,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.template.json b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.template.json index b777fc68955f2..cbf990668d7bf 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.template.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.template.json @@ -33,7 +33,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.template.json b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.template.json index d3fa5e0ac99f8..bcb74d8545e22 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.template.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.template.json @@ -401,7 +401,6 @@ "s3:DeleteObject*", "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*", "s3:PutObject", "s3:PutObjectLegalHold", diff --git a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/s3-bucket.test.ts b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/s3-bucket.test.ts index 34344c59c702e..18404c284ce2b 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/s3-bucket.test.ts +++ b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/s3-bucket.test.ts @@ -85,7 +85,6 @@ describe('S3 destination', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', @@ -122,7 +121,6 @@ describe('S3 destination', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', diff --git a/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint-config.js.snapshot/aws-cdk-sagemaker-endpointconfig.template.json b/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint-config.js.snapshot/aws-cdk-sagemaker-endpointconfig.template.json index 78dae142573d1..f4258769bc2b2 100644 --- a/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint-config.js.snapshot/aws-cdk-sagemaker-endpointconfig.template.json +++ b/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint-config.js.snapshot/aws-cdk-sagemaker-endpointconfig.template.json @@ -483,7 +483,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint.alarms.js.snapshot/aws-cdk-sagemaker-endpoint-alarms.template.json b/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint.alarms.js.snapshot/aws-cdk-sagemaker-endpoint-alarms.template.json index 220a434d34fbb..3aa1523256cb9 100644 --- a/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint.alarms.js.snapshot/aws-cdk-sagemaker-endpoint-alarms.template.json +++ b/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint.alarms.js.snapshot/aws-cdk-sagemaker-endpoint-alarms.template.json @@ -76,7 +76,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint.js.snapshot/aws-cdk-sagemaker-endpoint.template.json b/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint.js.snapshot/aws-cdk-sagemaker-endpoint.template.json index 074de5842ea59..c8ee42be60b0f 100644 --- a/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint.js.snapshot/aws-cdk-sagemaker-endpoint.template.json +++ b/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint.js.snapshot/aws-cdk-sagemaker-endpoint.template.json @@ -76,7 +76,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.model.js.snapshot/aws-cdk-sagemaker-model.template.json b/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.model.js.snapshot/aws-cdk-sagemaker-model.template.json index f5aac644145f0..30d465357b949 100644 --- a/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.model.js.snapshot/aws-cdk-sagemaker-model.template.json +++ b/packages/@aws-cdk/aws-sagemaker-alpha/test/integ.model.js.snapshot/aws-cdk-sagemaker-model.template.json @@ -483,7 +483,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", @@ -686,7 +685,6 @@ "Action": [ "s3:GetBucket*", "s3:GetObject*", - "s3:HeadObject", "s3:List*" ], "Effect": "Allow", diff --git a/packages/aws-cdk-lib/aws-codebuild/test/codebuild.test.ts b/packages/aws-cdk-lib/aws-codebuild/test/codebuild.test.ts index 535d857b11400..3827705d56195 100644 --- a/packages/aws-cdk-lib/aws-codebuild/test/codebuild.test.ts +++ b/packages/aws-cdk-lib/aws-codebuild/test/codebuild.test.ts @@ -393,7 +393,6 @@ describe('default properties', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', diff --git a/packages/aws-cdk-lib/aws-codepipeline-actions/test/cloudformation/cloudformation-pipeline-actions.test.ts b/packages/aws-cdk-lib/aws-codepipeline-actions/test/cloudformation/cloudformation-pipeline-actions.test.ts index 879ef29a9cc21..9d75c0279720a 100644 --- a/packages/aws-cdk-lib/aws-codepipeline-actions/test/cloudformation/cloudformation-pipeline-actions.test.ts +++ b/packages/aws-cdk-lib/aws-codepipeline-actions/test/cloudformation/cloudformation-pipeline-actions.test.ts @@ -243,7 +243,6 @@ describe('CloudFormation Pipeline Actions', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', @@ -673,7 +672,6 @@ describe('CloudFormation Pipeline Actions', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', @@ -689,7 +687,6 @@ describe('CloudFormation Pipeline Actions', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', diff --git a/packages/aws-cdk-lib/aws-codepipeline-actions/test/cloudformation/cloudformation-stackset-pipeline-actions.test.ts b/packages/aws-cdk-lib/aws-codepipeline-actions/test/cloudformation/cloudformation-stackset-pipeline-actions.test.ts index e5cc5441a37a4..cfa43a665baea 100644 --- a/packages/aws-cdk-lib/aws-codepipeline-actions/test/cloudformation/cloudformation-stackset-pipeline-actions.test.ts +++ b/packages/aws-cdk-lib/aws-codepipeline-actions/test/cloudformation/cloudformation-stackset-pipeline-actions.test.ts @@ -166,7 +166,6 @@ describe('StackSetAction', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', diff --git a/packages/aws-cdk-lib/aws-codepipeline-actions/test/lambda/lambda-invoke-action.test.ts b/packages/aws-cdk-lib/aws-codepipeline-actions/test/lambda/lambda-invoke-action.test.ts index a37055b23e1bb..2798fed1e27b5 100644 --- a/packages/aws-cdk-lib/aws-codepipeline-actions/test/lambda/lambda-invoke-action.test.ts +++ b/packages/aws-cdk-lib/aws-codepipeline-actions/test/lambda/lambda-invoke-action.test.ts @@ -140,7 +140,6 @@ describe('', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', @@ -225,7 +224,6 @@ describe('', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', diff --git a/packages/aws-cdk-lib/aws-codepipeline-actions/test/pipeline.test.ts b/packages/aws-cdk-lib/aws-codepipeline-actions/test/pipeline.test.ts index 66df8321769ff..fac873b4ba4fd 100644 --- a/packages/aws-cdk-lib/aws-codepipeline-actions/test/pipeline.test.ts +++ b/packages/aws-cdk-lib/aws-codepipeline-actions/test/pipeline.test.ts @@ -927,7 +927,6 @@ describe('pipeline', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', diff --git a/packages/aws-cdk-lib/aws-codepipeline-actions/test/s3/s3-deploy-action.test.ts b/packages/aws-cdk-lib/aws-codepipeline-actions/test/s3/s3-deploy-action.test.ts index d70e58dd0deb6..a2d362a9602e0 100644 --- a/packages/aws-cdk-lib/aws-codepipeline-actions/test/s3/s3-deploy-action.test.ts +++ b/packages/aws-cdk-lib/aws-codepipeline-actions/test/s3/s3-deploy-action.test.ts @@ -57,7 +57,6 @@ describe('S3 Deploy Action', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', diff --git a/packages/aws-cdk-lib/aws-ec2/test/cfn-init.test.ts b/packages/aws-cdk-lib/aws-ec2/test/cfn-init.test.ts index 62f0a35bd08e1..bf6823a598988 100644 --- a/packages/aws-cdk-lib/aws-ec2/test/cfn-init.test.ts +++ b/packages/aws-cdk-lib/aws-ec2/test/cfn-init.test.ts @@ -302,7 +302,7 @@ describe('userdata', () => { }); const ASSET_STATEMENT = { - Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], Effect: 'Allow', Resource: [ { @@ -446,7 +446,7 @@ describe('assets n buckets', () => { Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { PolicyDocument: { Statement: Match.arrayWith([{ - Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], Effect: 'Allow', Resource: [ { 'Fn::Join': ['', ['arn:', { Ref: 'AWS::Partition' }, ':s3:::my-bucket']] }, @@ -489,7 +489,7 @@ describe('assets n buckets', () => { Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { PolicyDocument: { Statement: Match.arrayWith([{ - Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], Effect: 'Allow', Resource: [ { 'Fn::Join': ['', ['arn:', { Ref: 'AWS::Partition' }, ':s3:::my-bucket']] }, diff --git a/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts b/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts index b887624aa9891..a759faa15ffdb 100644 --- a/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts +++ b/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts @@ -2414,7 +2414,6 @@ describe('cluster', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], Effect: 'Allow', @@ -2664,7 +2663,6 @@ describe('cluster', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', diff --git a/packages/aws-cdk-lib/aws-rds/test/instance.test.ts b/packages/aws-cdk-lib/aws-rds/test/instance.test.ts index d7a46d4012f82..3e791f2a0ab81 100644 --- a/packages/aws-cdk-lib/aws-rds/test/instance.test.ts +++ b/packages/aws-cdk-lib/aws-rds/test/instance.test.ts @@ -1519,7 +1519,6 @@ describe('instance', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], Effect: 'Allow', @@ -1532,7 +1531,6 @@ describe('instance', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', diff --git a/packages/aws-cdk-lib/aws-s3-assets/test/asset.test.ts b/packages/aws-cdk-lib/aws-s3-assets/test/asset.test.ts index 44e3e1aa686bc..4aa70b59bf24d 100644 --- a/packages/aws-cdk-lib/aws-s3-assets/test/asset.test.ts +++ b/packages/aws-cdk-lib/aws-s3-assets/test/asset.test.ts @@ -131,7 +131,7 @@ test('"readers" or "grantRead" can be used to grant read permissions on the asse Version: '2012-10-17', Statement: [ { - Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], Effect: 'Allow', Resource: [ { 'Fn::Join': ['', ['arn:', { Ref: 'AWS::Partition' }, ':s3:::', { Ref: 'AssetParameters6b84b87243a4a01c592d78e1fd3855c4bfef39328cd0a450cc97e81717fea2a2S3Bucket50B5A10B' }]] }, diff --git a/packages/aws-cdk-lib/aws-s3-deployment/test/bucket-deployment.test.ts b/packages/aws-cdk-lib/aws-s3-deployment/test/bucket-deployment.test.ts index a5b0448df6322..f4cb9b8807678 100644 --- a/packages/aws-cdk-lib/aws-s3-deployment/test/bucket-deployment.test.ts +++ b/packages/aws-cdk-lib/aws-s3-deployment/test/bucket-deployment.test.ts @@ -661,7 +661,6 @@ test('lambda execution role gets permissions to read from the source bucket and Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], Effect: 'Allow', @@ -692,7 +691,6 @@ test('lambda execution role gets permissions to read from the source bucket and Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', diff --git a/packages/aws-cdk-lib/aws-s3/lib/perms.ts b/packages/aws-cdk-lib/aws-s3/lib/perms.ts index e809cc39fec91..dcebbd92a0333 100644 --- a/packages/aws-cdk-lib/aws-s3/lib/perms.ts +++ b/packages/aws-cdk-lib/aws-s3/lib/perms.ts @@ -1,7 +1,6 @@ export const BUCKET_READ_ACTIONS = [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ]; diff --git a/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts b/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts index 19bb2935335f4..88cc9d33dd97d 100644 --- a/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts +++ b/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts @@ -1400,7 +1400,6 @@ describe('bucket', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Resource': [{ @@ -1540,7 +1539,6 @@ describe('bucket', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', @@ -1613,7 +1611,6 @@ describe('bucket', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', @@ -1676,7 +1673,7 @@ describe('bucket', () => { 'Version': '2012-10-17', 'Statement': [ { - 'Action': ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + 'Action': ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], 'Condition': { 'StringEquals': { 'aws:PrincipalOrgID': 'o-1234' } }, 'Effect': 'Allow', 'Principal': { AWS: '*' }, @@ -1720,7 +1717,6 @@ describe('bucket', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', @@ -2044,7 +2040,6 @@ describe('bucket', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', @@ -2104,7 +2099,6 @@ describe('bucket', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', @@ -2134,7 +2128,6 @@ describe('bucket', () => { 'Action': [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], 'Effect': 'Allow', diff --git a/packages/aws-cdk-lib/aws-servicecatalog/test/portfolio.test.ts b/packages/aws-cdk-lib/aws-servicecatalog/test/portfolio.test.ts index 304920dff38e2..a7034e5e1689f 100644 --- a/packages/aws-cdk-lib/aws-servicecatalog/test/portfolio.test.ts +++ b/packages/aws-cdk-lib/aws-servicecatalog/test/portfolio.test.ts @@ -231,7 +231,7 @@ describe('Portfolio', () => { PolicyDocument: { Statement: [{ Effect: 'Allow', - Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], Principal: { AWS: { 'Fn::Join': [ diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emrcontainers/start-job-run.test.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emrcontainers/start-job-run.test.ts index 8606a2c67f505..67f37ba04e8a1 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emrcontainers/start-job-run.test.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emrcontainers/start-job-run.test.ts @@ -245,7 +245,6 @@ describe('Invoke EMR Containers Start Job Run with ', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', @@ -391,7 +390,6 @@ describe('Invoke EMR Containers Start Job Run with ', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', 's3:DeleteObject*', 's3:PutObject', diff --git a/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts b/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts index b6ff3aa16d916..df71c7d4fa392 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts @@ -323,7 +323,6 @@ describe('State Machine', () => { Action: [ 's3:GetObject*', 's3:GetBucket*', - 's3:HeadObject', 's3:List*', ], Effect: 'Allow', diff --git a/packages/aws-cdk-lib/pipelines/test/compliance/assets.test.ts b/packages/aws-cdk-lib/pipelines/test/compliance/assets.test.ts index 8d064e28dae97..047963afb84ec 100644 --- a/packages/aws-cdk-lib/pipelines/test/compliance/assets.test.ts +++ b/packages/aws-cdk-lib/pipelines/test/compliance/assets.test.ts @@ -951,7 +951,7 @@ function expectedAssetRolePolicy(assumeRolePattern: string | string[], attachedR Resource: unsingleton(assumeRolePattern.map(arn => { return { 'Fn::Sub': arn }; })), }, { - Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], Effect: 'Allow', Resource: [ { 'Fn::GetAtt': ['CdkPipelineArtifactsBucket7B46C7BF', 'Arn'] }, diff --git a/packages/aws-cdk-lib/pipelines/test/compliance/environments.test.ts b/packages/aws-cdk-lib/pipelines/test/compliance/environments.test.ts index dc468d20e2043..777ffb83a0d2c 100644 --- a/packages/aws-cdk-lib/pipelines/test/compliance/environments.test.ts +++ b/packages/aws-cdk-lib/pipelines/test/compliance/environments.test.ts @@ -77,7 +77,7 @@ behavior('action has right settings for same-env deployment', (suite) => { Template.fromStack(pipelineStack).hasResourceProperties('AWS::S3::BucketPolicy', { PolicyDocument: { Statement: Match.arrayWith([Match.objectLike({ - Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], Principal: { AWS: roleArn('deploy-role'), }, @@ -156,7 +156,7 @@ behavior('action has right settings for cross-account deployment', (suite) => { Template.fromStack(pipelineStack).hasResourceProperties('AWS::S3::BucketPolicy', { PolicyDocument: { Statement: Match.arrayWith([Match.objectLike({ - Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], Principal: { AWS: { 'Fn::Join': ['', [ @@ -332,7 +332,7 @@ behavior('action has right settings for cross-account/cross-region deployment', Template.fromStack(supportStack!).hasResourceProperties('AWS::S3::BucketPolicy', { PolicyDocument: { Statement: Match.arrayWith([Match.objectLike({ - Action: Match.arrayWith(['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*']), + Action: Match.arrayWith(['s3:GetObject*', 's3:GetBucket*', 's3:List*']), Principal: { AWS: { 'Fn::Join': ['', [ diff --git a/packages/aws-cdk-lib/pipelines/test/compliance/synths.test.ts b/packages/aws-cdk-lib/pipelines/test/compliance/synths.test.ts index 9970814b9a2aa..30cbed9db1faf 100644 --- a/packages/aws-cdk-lib/pipelines/test/compliance/synths.test.ts +++ b/packages/aws-cdk-lib/pipelines/test/compliance/synths.test.ts @@ -786,7 +786,7 @@ behavior('Synth CodeBuild project role can be granted permissions', (suite) => { Template.fromStack(pipelineStack).hasResourceProperties('AWS::IAM::Policy', { PolicyDocument: { Statement: Match.arrayWith([Match.objectLike({ - Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], Resource: ['arn:aws:s3:::this-particular-bucket', 'arn:aws:s3:::this-particular-bucket/*'], })]), }, diff --git a/packages/aws-cdk-lib/pipelines/test/compliance/validations.test.ts b/packages/aws-cdk-lib/pipelines/test/compliance/validations.test.ts index 23681a8f1dfce..f1a560fdae911 100644 --- a/packages/aws-cdk-lib/pipelines/test/compliance/validations.test.ts +++ b/packages/aws-cdk-lib/pipelines/test/compliance/validations.test.ts @@ -504,7 +504,7 @@ behavior('can grant permissions to shell script action', (suite) => { Template.fromStack(pipelineStack).hasResourceProperties('AWS::IAM::Policy', { PolicyDocument: { Statement: Match.arrayWith([Match.objectLike({ - Action: ['s3:GetObject*', 's3:GetBucket*', 's3:HeadObject', 's3:List*'], + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], Resource: ['arn:aws:s3:::this-particular-bucket', 'arn:aws:s3:::this-particular-bucket/*'], })]), },