add list bucket permission

Author: devksingh4

cloudformation/main.yml

@@ -748,11 +748,21 @@ Resources:
           - Effect: Allow
             Principal:
               Service: cloudfront.amazonaws.com
-            Action: s3:GetObject
+            Action:
+              - s3:GetObject
             Resource: !Sub "${AppFrontendS3Bucket.Arn}/*"
             Condition:
               StringEquals:
                 AWS:SourceArn: !Sub "arn:aws:cloudfront::${AWS::AccountId}:distribution/${AppFrontendCloudfrontDistribution}"
+          - Effect: Allow
+            Principal:
+              Service: cloudfront.amazonaws.com
+            Action:
+              - s3:ListBucket
+            Resource: !Sub "${AppFrontendS3Bucket.Arn}"
+            Condition:
+              StringEquals:
+                AWS:SourceArn: !Sub "arn:aws:cloudfront::${AWS::AccountId}:distribution/${AppFrontendCloudfrontDistribution}"
 
   CloudfrontNoCachePolicy:
     Type: AWS::CloudFront::CachePolicy