From 4327e88b38802608e67e5aadc164149b8ad8f643 Mon Sep 17 00:00:00 2001
From: Neel
Date: Wed, 11 Sep 2024 14:02:54 +0100
Subject: [PATCH 1/2] amended policy
---
 terraform/iam-test.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/terraform/iam-test.tf b/terraform/iam-test.tf
index 02b96b3..6976b7b 100644
--- a/terraform/iam-test.tf
+++ b/terraform/iam-test.tf
@@ -17,7 +17,7 @@ resource "aws_iam_policy" "policy_resource_fail" {
 Action = [
 "s3:*",
 ]
- Effect = "Allow"
+ Effect = "Deny"
 Resource = "arn:aws:s3:::some_bucket"
 }
 ]
From 804af9dcb9ae476e95bc0c7411a0643e2458c004 Mon Sep 17 00:00:00 2001
From: Neel
Date: Wed, 11 Sep 2024 14:12:32 +0100
Subject: [PATCH 2/2] Test
---
 terraform/iam-test.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/terraform/iam-test.tf b/terraform/iam-test.tf
index 6976b7b..996ebf8 100644
--- a/terraform/iam-test.tf
+++ b/terraform/iam-test.tf
@@ -10,14 +10,14 @@ resource "aws_iam_policy" "policy_resource_fail" {
 Action = [
 "ec2:*",
 ]
- Effect = "Allow"
+ Effect = "Deny"
 Resource = "arn:aws:ec2:*"
 },
 {
 Action = [
 "s3:*",
 ]
- Effect = "Deny"
+ Effect = "Allow"
 Resource = "arn:aws:s3:::some_bucket"
 }
 ]
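Review bot: `Resource = "arn:aws:s3:::some_bucket"` names only the bucket, so the `Deny` set here on `s3:*` covers bucket-level operations and leaves object-level ones, whose resource is `arn:aws:s3:::some_bucket/*`, untouched. If the statement is meant to block all S3 access to that bucket, the resource should list both, `Resource = ["arn:aws:s3:::some_bucket", "arn:aws:s3:::some_bucket/*"]`. The same bucket-only ARN stays on this statement in PATCH 2/2, where the effect goes back to `Allow`. The policy resource begins and ends outside the hunk, so other statements may already cover the objects.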
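Review bot: The `Deny` on `ec2:*` in PATCH 2/2 is scoped to `Resource = "arn:aws:ec2:*"`, and EC2 actions that do not support resource-level permissions (the `ec2:Describe*` calls, for example) are evaluated against `*`, so this statement most likely does not deny them; `Resource = "*"` would, if a full EC2 deny is intended. The same hunk leaves `s3:*` as `Allow`, a wildcard that also includes bucket-policy and delete operations. The resource name `policy_resource_fail` suggests a scanner fixture; if that is the case, a comment such as `# expected to FAIL: wildcard s3:* with Effect = Allow` above the statement would record what the fixture is supposed to trigger, which the subject "Test" does not. The start of the resource lies outside the hunk.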