feat: Add Amazon Textract permissions for document analysis in task role

Author: adamrefaey

backend/src/iac/backend-stack.ts

@@ -176,6 +176,22 @@ export class BackendStack extends cdk.Stack {
       }),
     );
 
+    // Add Amazon Textract permissions for document analysis
+    taskRole.addToPolicy(
+      new iam.PolicyStatement({
+        effect: iam.Effect.ALLOW,
+        actions: [
+          'textract:AnalyzeDocument',
+          'textract:DetectDocumentText',
+          'textract:GetDocumentAnalysis',
+          'textract:StartDocumentAnalysis',
+          'textract:StartDocumentTextDetection',
+          'textract:GetDocumentTextDetection',
+        ],
+        resources: ['*'], // You may want to restrict this to specific resources in production
+      }),
+    );
+
     // Task Definition with explicit roles
     const taskDefinition = new ecs.FargateTaskDefinition(
       this,