apiVersion: v1
items:
- apiVersion: cloudcredential.openshift.io/v1
  kind: CredentialsRequest
  metadata:
    creationTimestamp: "2021-12-10T04:19:19Z"
    generation: 1
    managedFields:
    - apiVersion: cloudcredential.openshift.io/v1
      fieldsType: FieldsV1
      fieldsV1:
        f:spec:
          .: {}
          f:providerSpec:
            .: {}
            f:apiVersion: {}
            f:kind: {}
            f:statementEntries: {}
          f:secretRef:
            .: {}
            f:name: {}
            f:namespace: {}
      manager: cloud-resource-operator
      operation: Update
      time: "2021-12-10T04:19:19Z"
    name: cloud-resources-aws-credentials
    namespace: redhat-ods-applications
    resourceVersion: "61408"
    uid: f515c30c-a188-4e7b-aab3-3567e7ba8445
  spec:
    providerSpec:
      apiVersion: cloudcredential.openshift.io/v1
      kind: AWSProviderSpec
      statementEntries:
      - action:
        - s3:CreateBucket
        - s3:DeleteBucket
        - s3:ListBucket
        - s3:ListAllMyBuckets
        - s3:GetObject
        - s3:DeleteObject
        - s3:PutBucketTagging
        - s3:PutBucketPublicAccessBlock
        - s3:PutEncryptionConfiguration
        - ec2:DescribeVpcs
        - ec2:DescribeSubnets
        - ec2:DescribeSecurityGroups
        - ec2:DescribeInstanceTypes
        - ec2:CreateSecurityGroup
        - ec2:DeleteSecurityGroup
        - ec2:AuthorizeSecurityGroupIngress
        - ec2:AuthorizeSecurityGroupEgress
        - ec2:DescribeAvailabilityZones
        - ec2:CreateSubnet
        - ec2:CreateTags
        - ec2:CreateVpc
        - ec2:DeleteVpc
        - ec2:DeleteSubnet
        - ec2:CreateVpcPeeringConnection
        - ec2:DescribeVpcPeeringConnections
        - ec2:AcceptVpcPeeringConnection
        - ec2:DeleteVpcPeeringConnection
        - ec2:DescribeRouteTables
        - ec2:CreateRoute
        - ec2:DeleteRoute
        - ec2:DescribeInstanceTypeOfferings
        - elasticache:CreateReplicationGroup
        - elasticache:DeleteReplicationGroup
        - elasticache:DescribeReplicationGroups
        - elasticache:DescribeUpdateActions
        - elasticache:BatchApplyUpdateAction
        - elasticache:AddTagsToResource
        - elasticache:DescribeSnapshots
        - elasticache:CreateSnapshot
        - elasticache:DeleteSnapshot
        - elasticache:DescribeCacheClusters
        - elasticache:DescribeCacheSubnetGroups
        - elasticache:CreateCacheSubnetGroup
        - elasticache:ModifyCacheSubnetGroup
        - elasticache:DeleteCacheSubnetGroup
        - elasticache:ModifyReplicationGroup
        - rds:DescribeDBInstances
        - rds:CreateDBInstance
        - rds:DeleteDBInstance
        - rds:ModifyDBInstance
        - rds:AddTagsToResource
        - rds:DescribeDBSnapshots
        - rds:CreateDBSnapshot
        - rds:DeleteDBSnapshot
        - rds:DescribePendingMaintenanceActions
        - rds:CreateDBSubnetGroup
        - rds:DescribeDBSubnetGroups
        - rds:DeleteDBSubnetGroup
        - rds:ModifyDBSubnetGroup
        - rds:ListTagsForResource
        - rds:RemoveTagsFromResource
        - sts:GetCallerIdentity
        - iam:CreateServiceLinkedRole
        - cloudwatch:ListMetrics
        - cloudwatch:GetMetricData
        effect: Allow
        resource: '*'
    secretRef:
      name: cloud-resources-aws-credentials
      namespace: redhat-ods-applications
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""