From 0e6115c36728cdbdc78633db12bceaae54acf73e Mon Sep 17 00:00:00 2001 From: Austin Taylor Heiman Date: Mon, 4 May 2026 08:22:35 -0500 Subject: [PATCH 1/2] sc-developer: allow appconfig:* CEDSCI developers need to use appconfig for ECS task configuration at runtime --- policies/sc-developer/policy.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/policies/sc-developer/policy.tf b/policies/sc-developer/policy.tf index 0fff97b..8e88909 100644 --- a/policies/sc-developer/policy.tf +++ b/policies/sc-developer/policy.tf @@ -53,6 +53,7 @@ data "aws_iam_policy_document" "inline" { actions = [ "athena:*", "apigateway:*", + "appconfig:*", "bedrock:*", "logs:*", "cloudshell:*", From c822c613b75faee2034dc36a8efc92dda46e4c8f Mon Sep 17 00:00:00 2001 From: Austin Taylor Heiman Date: Mon, 4 May 2026 14:59:13 -0500 Subject: [PATCH 2/2] sc-developer sso permission set: allow s3files:* CEDSCI developers use s3files for their applications to cache large filesystems in S3 --- policies/sc-developer/policy.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/policies/sc-developer/policy.tf b/policies/sc-developer/policy.tf index 8e88909..c8a366d 100644 --- a/policies/sc-developer/policy.tf +++ b/policies/sc-developer/policy.tf @@ -85,6 +85,7 @@ data "aws_iam_policy_document" "inline" { "quicksight:*", "rds:*", "s3:*", + "s3files:*", "secretsmanager:*", "states:*", "sqs:*",