Expand IAM role permissions for SSO actions

SMillerDev · web-flow · commit 33171d5cb312 · 2025-04-18T20:29:46.000+02:00
diff --git a/aws/roles.tf b/aws/roles.tf
@@ -23,7 +23,8 @@ data "aws_iam_policy_document" "codebuild_policy_document" {
     actions = [
       "iam:*",
       "sso:TagResource",
-      "sso:ListInstances",
+      "sso:Describe*",
+      "sso:List*",
       "ecs:*",
       "ecr:*",
       "apigateway:*",
