fix: missing permissions to manage root account

meshcloud · Apr 29, 2024 · c30f4fd · c30f4fd
1 parent 5300df0
commit c30f4fd
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/modules/meshcloud-replicator/replicator-management-account-access/data.tf b/modules/meshcloud-replicator/replicator-management-account-access/data.tf
@@ -115,7 +115,10 @@ data "aws_iam_policy_document" "meshfed_service" {
         "iam:GetRole",
         "iam:ListAttachedRolePolicies",
         "iam:ListRolePolicies",
-        "iam:GetSAMLProvider"
+        "iam:GetSAMLProvider",
+        "iam:CreateRole",
+        "iam:AttachRolePolicy",
+        "iam:UpdateAssumeRolePolicy"
       ]
       resources = [
         "arn:${data.aws_partition.current.partition}:iam::${local.account_id}:saml-provider/*",