From e93194ce8f259e40defe8849229ea31a71611f88 Mon Sep 17 00:00:00 2001
From: Michele Cereda
Date: Wed, 24 Apr 2024 19:16:56 +0200
Subject: [PATCH] fix(kb/aws): iam policy example
---
 .../aws/iam.policies/temporary.ro-access.json | 28 +++++++++++++++++++
 knowledge base/cloud computing/aws/README.md | 16 ++++++-----
 2 files changed, 37 insertions(+), 7 deletions(-)
 create mode 100644 examples/aws/iam.policies/temporary.ro-access.json
diff --git a/examples/aws/iam.policies/temporary.ro-access.json b/examples/aws/iam.policies/temporary.ro-access.json
new file mode 100644
index 0000000..c75e823
--- /dev/null
+++ b/examples/aws/iam.policies/temporary.ro-access.json
@@ -0,0 +1,28 @@
+{
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Effect": "Allow",
+ "Principal": {
+ "AWS": [
+ "arn:aws:iam::012345678901:user/my-user"
+ ]
+ },
+ "Action": [
+ "s3:GetObject",
+ "s3:GetObjectAttributes",
+ "s3:ListBucket",
+ "s3:ListBucketVersions"
+ ],
+ "Resource": [
+ "arn:aws:s3:::my-bucket",
+ "arn:aws:s3:::my-bucket/*"
+ ],
+ "Condition": {
+ "DateLessThan": {
+ "aws:CurrentTime": "2024-03-01T00:00:00Z"
+ }
+ }
+ }
+ ]
+}
\ No newline at end of file
diff --git a/knowledge base/cloud computing/aws/README.md b/knowledge base/cloud computing/aws/README.md
index e7caad6..286f09e 100644
--- a/knowledge base/cloud computing/aws/README.md
+++ b/knowledge base/cloud computing/aws/README.md
@@ -186,24 +186,24 @@ Examples:
 "Principal": {
 "AWS": [
 "arn:aws:iam::012345678901:user/my-user"
- ],
+ ]
 },
 "Action": [
 "s3:GetObject",
 "s3:GetObjectAttributes",
 "s3:ListBucket",
- "s3:ListBucketVersions",
+ "s3:ListBucketVersions"
 ],
 "Resource": [
 "arn:aws:s3:::my-bucket",
- "arn:aws:s3:::my-bucket/*",
+ "arn:aws:s3:::my-bucket/*"
 ],
 "Condition": {
 "DateLessThan": {
- "aws:CurrentTime": "2024-03-01T00:00:00Z",
- },
- },
- }],
+ "aws:CurrentTime": "2024-03-01T00:00:00Z"
+ }
+ }
+ }]
 }
 ```
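Review bot: In the new file examples/aws/iam.policies/temporary.ro-access.json the statement carries a `Principal` element, which makes it a resource-based policy (here an S3 bucket policy) rather than an identity-based IAM policy. The `iam.policies` directory name may therefore lead a reader to attach it to a user or role, where `Principal` is not accepted. The `DateLessThan` value `2024-03-01T00:00:00Z` is already earlier than the commit date, so as written the Allow never matches; a future date would make the example usable. The condition also only stops this Allow from applying after that instant, so it does not revoke access the same principal holds through other policies, and `s3:ListBucketVersions` is granted without `s3:GetObjectVersion`, so non-current versions can be listed but not read. Since JSON cannot hold a comment, a `"Sid": "TemporaryReadOnlyAccess",` line above `"Effect"` would record the intent.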
@@ -226,6 +226,7 @@ Examples: - [AWS JSON policy elements: Principal] - [What is AWS Config?] - [AWS Config tutorial by Stephane Maarek] +- [Date & time policy conditions at AWS - 1-minute IAM lesson] [aws config tutorial by stephane maarek]: https://www.youtube.com/watch?v=qHdFoYSrUvk +[date & time policy conditions at aws - 1-minute iam lesson]: https://www.youtube.com/watch?v=4wpKP1HLEXg [introduction to aws iam assumerole]: https://aws.plainenglish.io/introduction-to-aws-iam-assumerole-fbef3ce8e90b