From 9b301039f585fbcf85ac66eb8c6a452ac47cc8bb Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Tue, 11 Apr 2023 13:09:52 -0400
Subject: [PATCH] add ssm parameter

---
 route53-zone-association/lambda-role/main.tf    | 2 ++
 route53-zone-association/terraform-role/main.tf | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/route53-zone-association/lambda-role/main.tf b/route53-zone-association/lambda-role/main.tf
index dfc7e80..5cf777a 100644
--- a/route53-zone-association/lambda-role/main.tf
+++ b/route53-zone-association/lambda-role/main.tf
@@ -53,6 +53,8 @@ data "aws_iam_policy_document" "policy" {
       "route53:List*",
       "route53:TestDNSAnswer",
       "route53:ChangeResourceRecordSets",
+      "ssm:DescribeParameters",
+      "ssm:GetParameter*",
     ]
     resources = ["*"]
   }
diff --git a/route53-zone-association/terraform-role/main.tf b/route53-zone-association/terraform-role/main.tf
index f0f6722..90fa6a8 100644
--- a/route53-zone-association/terraform-role/main.tf
+++ b/route53-zone-association/terraform-role/main.tf
@@ -57,6 +57,8 @@ data "aws_iam_policy_document" "policy" {
       "route53:DeleteVPCAssociationAuthorization",
       "route53:TestDNSAnswer",
       "route53:ChangeResourceRecordSets",
+      "ssm:DescribeParameters",
+      "ssm:GetParameter*",
     ]
     resources = ["*"]
   }