Skip to content

Commit

Permalink
permissionForSNS
Browse files Browse the repository at this point in the history
  • Loading branch information
@jjzhangjjzhang
jjzhangjjzhang committed Dec 13, 2023
1 parent b868fe3 commit c6675c7
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 0 deletions.
3 changes: 3 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,3 +145,6 @@ The audit policy is comprised of the following permissions:
| | glue:GetTags | |
| CODEBUILD | codebuild:ListBuilds | * |
| | codebuild:BatchGetBuilds | |
| SNS | sns:GetDataProtectionPolicy | * |
| | sns:ListPlatformApplications | |
| | sns:GetSubscriptionAttributes | |
9 changes: 9 additions & 0 deletions main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -158,6 +158,15 @@ data "aws_iam_policy_document" "lacework_audit_policy" {
]
resources = ["*"]
}

statement {
sid = "SNS"
actions = ["sns:GetDataProtectionPolicy",
"sns:ListPlatformApplications",
"sns:GetSubscriptionAttributes",
]
resources = ["*"]
}
}

resource "aws_iam_policy" "lacework_audit_policy" {
Expand Down

0 comments on commit c6675c7

Please sign in to comment.