From fa8214b5b840c3f45b98b0a300cdcf88d3e2c620 Mon Sep 17 00:00:00 2001
From: Will Glynn <will@willglynn.com>
Date: Sat, 6 Feb 2016 19:00:10 -0600
Subject: [PATCH] Reduce IAM policy to a more compact version

`Sid` is optional and can be omitted for brevity.

Both `route53:ListHostedZones` and `route53:GetChange` are allowed for
`*`, so they can be combined into a single statement.

Actions can be combined onto the same line, since it's equivalent JSON.
---
 README.md | 32 ++++++++------------------------
 1 file changed, 8 insertions(+), 24 deletions(-)

diff --git a/README.md b/README.md
index 9e53cef1..0a9d39ab 100644
--- a/README.md
+++ b/README.md
@@ -140,34 +140,18 @@ Replace `<INSERT_YOUR_HOSTED_ZONE_ID_HERE>` with the Route 53 zone ID of the dom
     "Version": "2012-10-17",
     "Statement": [
         {
-            "Sid": "1",
             "Effect": "Allow",
-            "Action": [
-                "route53:ChangeResourceRecordSets"
-            ],
-            "Resource": [
-                "arn:aws:route53:::hostedzone/<INSERT_YOUR_HOSTED_ZONE_ID_HERE>"
-            ]
-        },
-        {
-            "Sid": "2",
-            "Effect": "Allow",
-            "Action": [
-                "route53:GetChange"
-            ],
-            "Resource": [
-                "arn:aws:route53:::change/*"
-            ]
-        },
-        {
-            "Sid": "3",
-            "Effect": "Allow",
-            "Action": [
-                "route53:ListHostedZones"
-            ],
+            "Action": [ "route53:ListHostedZones", "route53:GetChange" ],
             "Resource": [
                 "*"
             ]
+        },
+        {
+            "Effect": "Allow",
+            "Action": ["route53:ChangeResourceRecordSets"],
+            "Resource": [
+                "arn:aws:route53:::hostedzone/<INSERT_YOUR_HOSTED_ZONE_ID_HERE>"
+            ]
         }
     ]
 }