updated permissions

JBAnderson5 · JBAnderson5 · commit 3b34a3d38fe5 · 2022-09-28T13:46:43.000-07:00
diff --git a/cloud-foundation/modules/cloud-foundation-library/identity/module/security.tf b/cloud-foundation/modules/cloud-foundation-library/identity/module/security.tf
@@ -90,7 +90,8 @@ resource "oci_identity_policy" "security" {
       ]),
       # security users in security compartment
       formatlist("allow group ${oci_identity_group.security_service[0].name} to %s in compartment ${oci_identity_compartment.security[0].name}", [
-        "read vss-family", "use bastion", "manage bastion-session", "read vaults", "inspect keys", "manage instance-images",
+        "read vss-family", "use bastion", "manage bastion-session", "use vaults", "inspect keys", 
+        "manage secrets", "manage secret-versions", "manage instance-images",
       ]),
     )
 }

Original file line number	Diff line number	Diff line change
`@@ -90,7 +90,8 @@ resource "oci_identity_policy" "security" {`
`90`	`90`	`]),`
`91`	`91`	`# security users in security compartment`
`92`	`92`	`formatlist("allow group ${oci_identity_group.security_service[0].name} to %s in compartment ${oci_identity_compartment.security[0].name}", [`
`93`		`- "read vss-family", "use bastion", "manage bastion-session", "read vaults", "inspect keys", "manage instance-images",`
	`93`	`+ "read vss-family", "use bastion", "manage bastion-session", "use vaults", "inspect keys",`
	`94`	`+ "manage secrets", "manage secret-versions", "manage instance-images",`
`94`	`95`	`]),`
`95`	`96`	`)`
`96`	`97`	`}`