Merge pull request #1097 from DanielAtanasovski/main

fix: aws-load-balancer-controller service account missing IAM permissions
aws-quickstart · Oct 28, 2024 · 3169844 · 3169844
2 parents 7c98619 + ed52b89
commit 3169844
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/lib/addons/aws-loadbalancer-controller/iam-policy.ts b/lib/addons/aws-loadbalancer-controller/iam-policy.ts
@@ -37,7 +37,9 @@ export const AwsLoadbalancerControllerIamPolicy = (partition: string) => {
                     "elasticloadbalancing:DescribeTargetGroups",
                     "elasticloadbalancing:DescribeTargetGroupAttributes",
                     "elasticloadbalancing:DescribeTargetHealth",
-                    "elasticloadbalancing:DescribeTags"
+                    "elasticloadbalancing:DescribeTags",
+                    "elasticloadbalancing:DescribeTrustStores",
+                    "elasticloadbalancing:DescribeListenerAttributes"
                 ],
                 "Resource": "*"
             },
@@ -186,7 +188,8 @@ export const AwsLoadbalancerControllerIamPolicy = (partition: string) => {
                     "elasticloadbalancing:DeleteLoadBalancer",
                     "elasticloadbalancing:ModifyTargetGroup",
                     "elasticloadbalancing:ModifyTargetGroupAttributes",
-                    "elasticloadbalancing:DeleteTargetGroup"
+                    "elasticloadbalancing:DeleteTargetGroup",
+                    "elasticloadbalancing:ModifyListenerAttributes"
                 ],
                 "Resource": "*",
                 "Condition": {