Codebuild permissions required for issuing new codebuild projects

Author: mianava

terraform/services/github-actions-role/main.tf

@@ -131,6 +131,19 @@ data "aws_iam_policy_document" "github_actions_policy" {
     ]
     resources = ["*"]
   }
+  # Codebuild
+  statement {
+    actions = [
+      "codebuild:CreateInvalidation",
+      "codebuild:CreateWebhook",
+      "codebuild:DeleteProject",
+      "codebuild:DeleteWebhook",
+      "codebuild:ListProjects",
+      "codebuild:UpdateProject",
+      "codebuild:UpdateWebhook"
+    ]
+    resources = ["*"]
+  }
   # CloudFront
   statement {
     actions = [