From 429957ab5c6aaffd2232a048b93b6e9012f56a60 Mon Sep 17 00:00:00 2001
From: ljohnny
Date: Fri, 20 Dec 2024 00:02:45 +0000
Subject: [PATCH] feat: add permissions for appstream

Signed-off-by: ljohnny
---
 README.md | 4 +++-
 main.tf | 8 ++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 17f37ff..5f3805e 100644
--- a/README.md
+++ b/README.md
@@ -189,4 +189,6 @@ The audit policy is comprised of the following permissions:
 | | aps:DescribeLoggingConfiguration | |
 | | aps:DescribeWorkspace | |
 | | aps:ListRuleGroupsNamespaces | |
-| | aps:DescribeRuleGroupsNamespace | |
\ No newline at end of file
+| | aps:DescribeRuleGroupsNamespace | |
+| APPSTREAM | appstream:Describe* | |
+| | appstream:List* | |
diff --git a/main.tf b/main.tf
index f32f6dc..32a186f 100644
--- a/main.tf
+++ b/main.tf
@@ -262,6 +262,14 @@ data "aws_iam_policy_document" "lacework_audit_policy" {
 ]
 resources = ["*"]
 }
+
+ statement {
+ sid = "APPSTREAM"
+ actions = ["appstream:Describe*",
+ "appstream:List*",
+ ]
+ resources = ["*"]
+ }
 }
 
 resource "aws_iam_policy" "lacework_audit_policy" {
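Review bot: The new `APPSTREAM` statement in main.tf grants `appstream:Describe*` and `appstream:List*` on `resources = ["*"]`, so the audit role will silently pick up every Describe/List action AWS adds to AppStream later, and already covers calls such as `appstream:DescribeUsers` and `appstream:DescribeSessions` that return user identity data. The `aps` entries visible in the README context are listed action by action, so the wildcard form also looks inconsistent with the rest of the policy, though the `lacework_audit_policy` data block starts outside this hunk and its other statements are not visible here. If the integration only inventories a known set of resources, enumerate them instead, for example `actions = ["appstream:DescribeFleets", "appstream:DescribeStacks", "appstream:DescribeImages"]`; the exact set depends on what the collector reads. If the wildcards are intentional, say so above the statement with a comment such as `# Wildcards are deliberate: read-only inventory; review when AppStream adds new Describe*/List* actions`.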