and add the bucket permissions to the exec policy

JamesW1-NHS · JamesW1-NHS · commit 8f103e9a2dac · 2025-11-26T16:08:07.000Z
diff --git a/infrastructure/instance/file_name_processor.tf b/infrastructure/instance/file_name_processor.tf
@@ -134,6 +134,20 @@ resource "aws_iam_policy" "filenameprocessor_lambda_exec_policy" {
           "${aws_s3_bucket.batch_data_destination_bucket.arn}/*"
         ]
       },
+      {
+        Effect = "Allow"
+        Action = [
+          "s3:GetObject",
+          "s3:ListBucket",
+          "s3:PutObject",
+          "s3:CopyObject",
+          "s3:DeleteObject"
+        ]
+        Resource = [
+          aws_s3_bucket.batch_data_ea_bucket.arn,
+          "${aws_s3_bucket.batch_data_ea_bucket.arn}/*"
+        ]
+      },
       {
         Effect = "Allow",
         Action = [
