Merge pull request #55 from draios/remove-unnecessary-perm

Update permissions in AWS trust-relationship
draios · Mar 11, 2024 · bcf25d3 · bcf25d3
2 parents 5746d19 + 334598a
commit bcf25d3
Showing 1 changed file with 4 additions and 5 deletions.
diff --git a/modules/services/trust-relationship/main.tf b/modules/services/trust-relationship/main.tf
@@ -77,12 +77,12 @@ data "aws_iam_policy_document" "custom_resources_policy" {
   }
 
   statement {
-    sid = "AccessAccountContactInfo"
+    sid = "ListJobsOnConsole"
 
     effect = "Allow"
 
     actions = [
-      "account:GetContactInformation",
+      "macie2:ListClassificationJobs",
     ]
 
     resources = [
@@ -146,10 +146,9 @@ Resources:
                 Resource:
                   - "arn:aws:waf-regional:*:*:rule/*"
                   - "arn:aws:waf-regional:*:*:rulegroup/*"
-              - Sid: "AccessAccountContactInfo"
+              - Sid: "ListJobsOnConsole"
                 Effect: "Allow"
-                Action:
-                  - "account:GetContactInformation"
+                Action: "macie2:ListClassificationJobs"
                 Resource: "*"
 TEMPLATE
 }