From 75b774a2d7d086cc139bc28cc3a36a8dd987349f Mon Sep 17 00:00:00 2001 From: Pragya Chaudhary Date: Tue, 5 May 2026 18:08:06 +0530 Subject: [PATCH] Add ecoeng account, modify IAM policy json --- .../aws/CloudGovernanceInfra/CloudGovernanceDeletePolicy.json | 4 ++++ .../aws/CloudGovernanceInfra/CloudGovernanceReadPolicy.json | 4 ++++ jenkins/tenant/aws/ecoeng_01/PolicyJenkinsfileDaily | 3 ++- jenkins/tenant/aws/ecoeng_01/README.md | 3 ++- jenkins/tenant/aws/ecoeng_01/TaggingJenkinsfileHourly | 3 ++- 5 files changed, 14 insertions(+), 3 deletions(-) diff --git a/iam/clouds/aws/CloudGovernanceInfra/CloudGovernanceDeletePolicy.json b/iam/clouds/aws/CloudGovernanceInfra/CloudGovernanceDeletePolicy.json index 10122e2a..3ca21291 100644 --- a/iam/clouds/aws/CloudGovernanceInfra/CloudGovernanceDeletePolicy.json +++ b/iam/clouds/aws/CloudGovernanceInfra/CloudGovernanceDeletePolicy.json @@ -157,10 +157,14 @@ "Sid": "S3Bucket", "Effect": "Allow", "Action": [ + "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteObject", + "s3:GetBucketAcl", "s3:GetBucketLocation", + "s3:GetBucketPolicy", "s3:GetBucketTagging", + "s3:GetBucketVersioning", "s3:GetObject", "s3:ListAllMyBuckets", "s3:ListBucket", diff --git a/iam/clouds/aws/CloudGovernanceInfra/CloudGovernanceReadPolicy.json b/iam/clouds/aws/CloudGovernanceInfra/CloudGovernanceReadPolicy.json index a732d617..77d7bf1d 100644 --- a/iam/clouds/aws/CloudGovernanceInfra/CloudGovernanceReadPolicy.json +++ b/iam/clouds/aws/CloudGovernanceInfra/CloudGovernanceReadPolicy.json @@ -113,8 +113,12 @@ "Sid": "S3Bucket", "Effect": "Allow", "Action": [ + "s3:CreateBucket", + "s3:GetBucketAcl", "s3:GetBucketLocation", + "s3:GetBucketPolicy", "s3:GetBucketTagging", + "s3:GetBucketVersioning", "s3:GetObject", "s3:ListAllMyBuckets", "s3:ListBucket", diff --git a/jenkins/tenant/aws/ecoeng_01/PolicyJenkinsfileDaily b/jenkins/tenant/aws/ecoeng_01/PolicyJenkinsfileDaily index 41f6e244..a734f322 100644 --- a/jenkins/tenant/aws/ecoeng_01/PolicyJenkinsfileDaily +++ b/jenkins/tenant/aws/ecoeng_01/PolicyJenkinsfileDaily @@ -17,7 +17,8 @@ accounts_list = ['industry-partners': "hhalbfin@redhat.com", 'partners-eng': "hhalbfin@redhat.com", 'fusionaccess': "abeekhof@redhat.com, hhalbfin@redhat.com", 'ecoeng-assistedci': "alkaplan@redhat.com, dmanor@redhat.com, hhalbfin@redhat.com", - 'medik8s-ci': "ushkalim@redhat.com, hhalbfin@redhat.com" + 'medik8s-ci': "ushkalim@redhat.com, hhalbfin@redhat.com", + 'ecoeng-buildSign': "hhalbfin@redhat.com" ] pipeline { options { diff --git a/jenkins/tenant/aws/ecoeng_01/README.md b/jenkins/tenant/aws/ecoeng_01/README.md index 15827378..14029f84 100644 --- a/jenkins/tenant/aws/ecoeng_01/README.md +++ b/jenkins/tenant/aws/ecoeng_01/README.md @@ -26,4 +26,5 @@ Accounts: - **partners-eng**: "hhalbfin@redhat.com", - **fusionaccess**: "abeekhof@redhat.com, hhalbfin@redhat.com", - **ecoeng-assistedci**: "alkaplan@redhat.com, dmanor@redhat.com, hhalbfin@redhat.com", -- **medik8s-ci**: "ushkalim@redhat.com, hhalbfin@redhat.com" +- **medik8s-ci**: "ushkalim@redhat.com, hhalbfin@redhat.com", +- **ecoeng-buildSign**: "hhalbfin@redhat.com" diff --git a/jenkins/tenant/aws/ecoeng_01/TaggingJenkinsfileHourly b/jenkins/tenant/aws/ecoeng_01/TaggingJenkinsfileHourly index 395cdbdc..9c9be2f3 100644 --- a/jenkins/tenant/aws/ecoeng_01/TaggingJenkinsfileHourly +++ b/jenkins/tenant/aws/ecoeng_01/TaggingJenkinsfileHourly @@ -1,7 +1,8 @@ account = ['industry-partners', 'verticals-ui', 'special-projects', 'edgeinfra', 'specialprojects-qe', 'ecoeng-sap', 'sysdeseng', 'certification-pipeline', 'ecoengverticals-qe', 'emerge-partner', 'telco5g-ci', 'partnerlab', 'blueprints', 'edgeinfra-ci', - 'ecoeng-flightctl', 'partners-eng', 'fusionaccess', 'ecoeng-assistedci', 'medik8s-ci'] + 'ecoeng-flightctl', 'partners-eng', 'fusionaccess', 'ecoeng-assistedci', 'medik8s-ci', + 'ecoeng-buildSign'] pipeline { options { disableConcurrentBuilds()