Merge pull request #74 from ajschofield/alex/tf-lambda-changes

pr: fix extract_lambda execution & policy doc
author: Alex <git@ajschof.me> 2024-08-20 15:16:31 +0100
committer: GitHub <noreply@github.com> 2024-08-20 15:16:31 +0100
commit: c5d4d95851c88ddf4f73d41c0f88ff844b3ed197 (patch)
tree: dceb10fd2297a5f0021722d8423b392a09cabe60 /terraform/iam.tf
parent: 983430f661bd89a406693d48b464b3120604f2dd (diff)
parent: 5493cdc71da4730c4e388d9718f278bc2f14badf (diff)
download: de-project-bentley-c5d4d95851c88ddf4f73d41c0f88ff844b3ed197.tar.gz
de-project-bentley-c5d4d95851c88ddf4f73d41c0f88ff844b3ed197.zip
1 files changed, 6 insertions, 3 deletions
diff --git a/terraform/iam.tf b/terraform/iam.tf
index 3ac8c45..3d62b69 100644
--- a/terraform/iam.tf
+++ b/terraform/iam.tf
@@ -41,7 +41,8 @@ data "aws_iam_policy_document" "s3_data_policy_doc" {
       "s3:PutObjectTagging",
       "s3:PutObjectAcl",
       "s3:ListObjects",
-      "s3:ListObjectsV2"
+      "s3:ListObjectsV2",
+      "s3:GetObject"
     ]
     resources = [
       "${aws_s3_bucket.extract_bucket.arn}/*",
@@ -53,8 +54,10 @@ data "aws_iam_policy_document" "s3_data_policy_doc" {
   statement {
     effect = "Allow"
     actions = [
-      "s3:ListBuckets",
-      "s3:ListAllMyBuckets"
+      "s3:ListBucket",
+      "s3:ListAllMyBuckets",
+      "s3:ListObjectsV2",
+      "s3:ListObjects"
     ]
     resources = [
       "arn:aws:s3:::*",
author	Alex <git@ajschof.me>	2024-08-20 15:16:31 +0100
committer	GitHub <noreply@github.com>	2024-08-20 15:16:31 +0100
commit	c5d4d95851c88ddf4f73d41c0f88ff844b3ed197 (patch)
tree	dceb10fd2297a5f0021722d8423b392a09cabe60 /terraform/iam.tf
parent	983430f661bd89a406693d48b464b3120604f2dd (diff)
parent	5493cdc71da4730c4e388d9718f278bc2f14badf (diff)
download	de-project-bentley-c5d4d95851c88ddf4f73d41c0f88ff844b3ed197.tar.gz de-project-bentley-c5d4d95851c88ddf4f73d41c0f88ff844b3ed197.zip