From 6e708babfbb14569aeceb8ae17692299fa61efb1 Mon Sep 17 00:00:00 2001
From: Adrian Stobbe <stobbe.adrian@gmail.com>
Date: Tue, 11 Jul 2023 17:58:55 +0200
Subject: [PATCH] add new iam roles

---
 cli/internal/terraform/terraform/iam/aws/main.tf | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/cli/internal/terraform/terraform/iam/aws/main.tf b/cli/internal/terraform/terraform/iam/aws/main.tf
index 43107b0c1..58aabbdd5 100644
--- a/cli/internal/terraform/terraform/iam/aws/main.tf
+++ b/cli/internal/terraform/terraform/iam/aws/main.tf
@@ -51,6 +51,18 @@ resource "aws_iam_policy" "control_plane_policy" {
     {
       "Effect": "Allow",
       "Action": [
+        "ec2:DescribeSecurityGroups",
+        "ec2:DescribeInstances",
+        "elasticloadbalancing:DescribeTargetGroups",
+        "elasticloadbalancing:DescribeTargetGroupAttributes",
+        "elasticloadbalancing:DescribeRules",
+        "shield:GetSubscriptionState",
+        "elasticloadbalancing:DescribeListeners",
+        "elasticloadbalancing:DescribeTargetHealth",
+        "elasticloadbalancing:ModifyTargetGroup",
+        "elasticloadbalancing:ModifyTargetGroupAttributes",
+        "elasticloadbalancing:RegisterTargets",
+        "elasticloadbalancing:DeregisterTargets",
         "autoscaling:DescribeAutoScalingGroups",
         "autoscaling:DescribeLaunchConfigurations",
         "autoscaling:DescribeTags",