From cba23b6b1dacd0871938e2c106faac3977454db4 Mon Sep 17 00:00:00 2001
From: Ngok-Tsyn CTR Nee <Ngok-Tsyn.CTR.Nee@faa.gov>
Date: Fri, 8 Nov 2024 16:46:51 -0500
Subject: [PATCH] feat: Add ec2:GetSecurityGroupsForVpc permission to load
 balancer controller policy for v2.10.0
 https://github.com/kubernetes-sigs/aws-load-balancer-controller/releases/tag/v2.10.0

---
 modules/iam-role-for-service-accounts-eks/policies.tf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/iam-role-for-service-accounts-eks/policies.tf b/modules/iam-role-for-service-accounts-eks/policies.tf
index 264c2155..96f20b81 100644
--- a/modules/iam-role-for-service-accounts-eks/policies.tf
+++ b/modules/iam-role-for-service-accounts-eks/policies.tf
@@ -840,6 +840,7 @@ data "aws_iam_policy_document" "load_balancer_controller" {
       "ec2:DescribeTags",
       "ec2:GetCoipPoolUsage",
       "ec2:DescribeCoipPools",
+      "ec2:GetSecurityGroupsForVpc",
       "elasticloadbalancing:DescribeLoadBalancers",
       "elasticloadbalancing:DescribeLoadBalancerAttributes",
       "elasticloadbalancing:DescribeListeners",