fix: add missing GetParameter policy (#1058)

davidramosweb · web-flow · commit e1071fa81a52 · 2023-12-21T14:54:00.000+01:00
## Description This pull request addresses a bug where utilizing the module with 'access_token_secure_parameter_store_name' instead of 'registration_token' results in a failure to retrieve the parameter value, leading to an error. The issue manifests when the module is applied, and subsequent attempts by the EC2 instance to fetch the parameter during runtime result in a 'permission denied' error, as observed in CloudWatch logs Closes #1057 ## Migrations required No
diff --git a/policies/instance-secure-parameter-role-policy.json b/policies/instance-secure-parameter-role-policy.json
@@ -11,6 +11,7 @@
         {
             "Effect": "Allow",
             "Action": [
+                "ssm:GetParameter",
                 "ssm:GetParameters"
             ],
             "Resource": "arn:${partition}:ssm:*"

Original file line number	Diff line number	Diff line change
`@@ -11,6 +11,7 @@`
`11`	`11`	`{`
`12`	`12`	`"Effect": "Allow",`
`13`	`13`	`"Action": [`
	`14`	`+ "ssm:GetParameter",`
`14`	`15`	`"ssm:GetParameters"`
`15`	`16`	`],`
`16`	`17`	`"Resource": "arn:${partition}:ssm:*"`