fix: TargetGroup Binding only policy requires policies for SecurityGroup (#10)

chrolis · web-flow · commit ba34af404af6 · 2024-05-29T20:12:18.000-04:00
diff --git a/aws_lb_controller.tf b/aws_lb_controller.tf
@@ -302,6 +302,8 @@ data "aws_iam_policy_document" "lb_controller_targetgroup_only" {
       "ec2:DescribeVpcs",
       "ec2:DescribeSecurityGroups",
       "ec2:DescribeInstances",
+      "ec2:AuthorizeSecurityGroupIngress",
+      "ec2:RevokeSecurityGroupIngress",
       "elasticloadbalancing:DescribeTargetGroups",
       "elasticloadbalancing:DescribeTargetHealth",
     ]

Original file line number	Diff line number	Diff line change
`@@ -302,6 +302,8 @@ data "aws_iam_policy_document" "lb_controller_targetgroup_only" {`
`302`	`302`	`"ec2:DescribeVpcs",`
`303`	`303`	`"ec2:DescribeSecurityGroups",`
`304`	`304`	`"ec2:DescribeInstances",`
	`305`	`+ "ec2:AuthorizeSecurityGroupIngress",`
	`306`	`+ "ec2:RevokeSecurityGroupIngress",`
`305`	`307`	`"elasticloadbalancing:DescribeTargetGroups",`
`306`	`308`	`"elasticloadbalancing:DescribeTargetHealth",`
`307`	`309`	`]`