diff --git a/base_iam/iam_github_pre-prod.tf b/base_iam/iam_github_pre-prod.tf index d24d7864..1443faf0 100644 --- a/base_iam/iam_github_pre-prod.tf +++ b/base_iam/iam_github_pre-prod.tf @@ -166,6 +166,7 @@ resource "aws_iam_role_policy" "github_extended_policy_virus_scanner_pre_prod" { "ssm:CreateDocument", "iam:TagRole", "SNS:TagResource", + "SNS:SetSubscriptionAttributes", "cognito-idp:CreateUserPool", "cognito-idp:TagResource", "cognito-idp:SetUserPoolMfaConfig", diff --git a/base_iam/iam_github_prod.tf b/base_iam/iam_github_prod.tf index 29fc1a06..ba78b229 100644 --- a/base_iam/iam_github_prod.tf +++ b/base_iam/iam_github_prod.tf @@ -270,6 +270,7 @@ resource "aws_iam_role_policy" "github_extended_policy_virus_scanner_prod" { "ssm:CreateDocument", "iam:TagRole", "SNS:TagResource", + "SNS:SetSubscriptionAttributes", "cognito-idp:CreateUserPool", "cognito-idp:TagResource", "cognito-idp:SetUserPoolMfaConfig", diff --git a/infrastructure/iam_roles/pre-prod_Github-Actions-pre-prod-role.json b/infrastructure/iam_roles/pre-prod_Github-Actions-pre-prod-role.json index cf4334e1..82b9b604 100644 --- a/infrastructure/iam_roles/pre-prod_Github-Actions-pre-prod-role.json +++ b/infrastructure/iam_roles/pre-prod_Github-Actions-pre-prod-role.json @@ -78,6 +78,7 @@ "ssm:CreateDocument", "iam:TagRole", "SNS:TagResource", + "SNS:SetSubscriptionAttributes", "cognito-idp:CreateUserPool", "cognito-idp:TagResource", "cognito-idp:SetUserPoolMfaConfig", diff --git a/infrastructure/iam_roles/prod_github-access-role.json b/infrastructure/iam_roles/prod_github-access-role.json index 573977d7..afdde13a 100644 --- a/infrastructure/iam_roles/prod_github-access-role.json +++ b/infrastructure/iam_roles/prod_github-access-role.json @@ -96,6 +96,7 @@ "ssm:CreateDocument", "iam:TagRole", "SNS:TagResource", + "SNS:SetSubscriptionAttributes", "cognito-idp:CreateUserPool", "cognito-idp:TagResource", "cognito-idp:SetUserPoolMfaConfig",