
Commit 5880768

committed
1 parent ed08091 commit 5880768


2 files changed

+8
-5
lines changed


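--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
 - repo: https://github.com/antonbabenko/pre-commit-terraform
-rev: v1.99.0
+rev: v1.99.1
 hooks:
 - id: terraform_fmt
 - id: terraform_wrapper_module_for_each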

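--- a/modules/iam-role-for-service-accounts-eks/policies.tf
+++ b/modules/iam-role-for-service-accounts-eks/policies.tf
@@ -17,7 +17,6 @@ data "aws_iam_policy_document" "aws_gateway_controller" {
 }
 }
 
-
 resource "aws_iam_policy" "aws_gateway_controller" {
 count = var.create_role && var.attach_aws_gateway_controller_policy ? 1 : 0
 
@@ -851,7 +850,6 @@ data "aws_iam_policy_document" "load_balancer_controller" {
 "ec2:DescribeVpcs",
 "ec2:DescribeVpcPeeringConnections",
 "ec2:DescribeSubnets",
-"ec2:DescribeRouteTables",
 "ec2:DescribeSecurityGroups",
 "ec2:DescribeInstances",
 "ec2:DescribeNetworkInterfaces",
@@ -860,6 +858,7 @@ data "aws_iam_policy_document" "load_balancer_controller" {
 "ec2:DescribeCoipPools",
 "ec2:GetSecurityGroupsForVpc",
 "ec2:DescribeIpamPools",
+"ec2:DescribeRouteTables",
 "elasticloadbalancing:DescribeLoadBalancers",
 "elasticloadbalancing:DescribeLoadBalancerAttributes",
 "elasticloadbalancing:DescribeListeners",
@@ -904,6 +903,12 @@ data "aws_iam_policy_document" "load_balancer_controller" {
 actions = [
 "ec2:AuthorizeSecurityGroupIngress",
 "ec2:RevokeSecurityGroupIngress",
+]
+resources = ["*"]
+}
+
+statement {
+actions = [
 "ec2:CreateSecurityGroup",
 ]
 resources = ["*"]
@@ -963,7 +968,6 @@ data "aws_iam_policy_document" "load_balancer_controller" {
 
 statement {
 actions = [
-"elasticloadbalancing:AddTags",
 "elasticloadbalancing:CreateLoadBalancer",
 "elasticloadbalancing:CreateTargetGroup",
 ]
@@ -978,7 +982,6 @@ data "aws_iam_policy_document" "load_balancer_controller" {
 
 statement {
 actions = [
-"elasticloadbalancing:AddTags",
 "elasticloadbalancing:CreateListener",
 "elasticloadbalancing:DeleteListener",
 "elasticloadbalancing:CreateRule",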
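Review bot: The new statement at new lines 903–908 allows `ec2:AuthorizeSecurityGroupIngress` and `ec2:RevokeSecurityGroupIngress` on `resources = ["*"]` with no `condition` block visible, so the role can edit ingress rules on any security group in the account. Splitting these actions from `ec2:CreateSecurityGroup` does not change the effective permissions, but nothing in the file records that this breadth is intended. If it is, I would add a comment above the statement such as `# No condition on purpose: the controller must be able to edit ingress rules on security groups it did not tag`; otherwise scope the statement with an `aws:ResourceTag` condition. Separately, `elasticloadbalancing:AddTags` is dropped from the two create statements in the last two hunks, and whether a dedicated, condition-scoped AddTags statement remains is outside these hunks and worth confirming, since tag-on-create calls would otherwise be denied. The `load_balancer_controller` document begins and ends outside the hunks shown.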
