From 4356831f92899e5a82994eff83d643cb451241fd Mon Sep 17 00:00:00 2001
From: julialawrence <julia.lawrence@digital.justice.gov.uk>
Date: Fri, 31 Jan 2025 11:50:34 +0000
Subject: [PATCH] Adding permissions for cross-region inference

---
 .../tooling-iam/tooling-integration-iam-policies.tf           | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/terraform/aws/analytical-platform-data-production/tooling-iam/tooling-integration-iam-policies.tf b/terraform/aws/analytical-platform-data-production/tooling-iam/tooling-integration-iam-policies.tf
index 455bf65e66..051870efdc 100644
--- a/terraform/aws/analytical-platform-data-production/tooling-iam/tooling-integration-iam-policies.tf
+++ b/terraform/aws/analytical-platform-data-production/tooling-iam/tooling-integration-iam-policies.tf
@@ -5,6 +5,7 @@ data "aws_iam_policy_document" "bedrock_integration" {
   statement {
     sid    = "AnalyticalPlatformBedrockIntegration"
     effect = "Allow"
+
     actions = [
       "bedrock:ListFoundationModels",
       "bedrock:GetFoundationModel",
@@ -53,8 +54,11 @@ data "aws_iam_policy_document" "bedrock_integration" {
       "bedrock:CreateModelInvocationJob",
       "bedrock:GetModelInvocationJob",
       "bedrock:ListModelInvocationJobs",
+      "bedrock:GetInferenceProfile",
+      "bedrock:DeleteInferenceProfile",
       "bedrock:StopModelInvocationJob"
     ]
+
     resources = ["*"]
     condition {
       test     = "StringEquals"