From e23ed3847c4a69303c1e85b369b5a22ee4c7621e Mon Sep 17 00:00:00 2001
From: Grace Wilkes <53713122+Xxyumi-hub@users.noreply.github.com>
Date: Mon, 25 Nov 2024 11:52:57 -0500
Subject: [PATCH] TOG-558: remove DescribeOrg perm as its no longer needed
 (#67)

---
 iam.tf               | 1 -
 stackset_template.tf | 1 -
 2 files changed, 2 deletions(-)

diff --git a/iam.tf b/iam.tf
index 9b0fa10..0da7a72 100644
--- a/iam.tf
+++ b/iam.tf
@@ -153,7 +153,6 @@ data "aws_iam_policy_document" "cloudtrail_manager_iam_document" {
       "lambda:ListFunctions",
       "lightsail:GetInstances",
       "lightsail:GetRegions",
-      "organizations:DescribeOrganization",
       "organizations:ListAccounts",
       "rds:DescribeDBInstances",
       "rds:ListTagsForResource",
diff --git a/stackset_template.tf b/stackset_template.tf
index 19096e5..e4be22c 100644
--- a/stackset_template.tf
+++ b/stackset_template.tf
@@ -77,7 +77,6 @@ locals {
                                 "lambda:ListFunctions",
                                 "lightsail:GetInstances",
                                 "lightsail:GetRegions",
-                                "organizations:DescribeOrganization",
                                 "organizations:ListAccounts",
                                 "rds:DescribeDBInstances",
                                 "rds:ListTagsForResource",