From d20e84b4d37f7415cc7bc1d0e2c194a52789d094 Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Thu, 6 Apr 2023 15:32:12 -0400
Subject: [PATCH] add ec2:DescribeAvailabilityZones

---
 route53-zone-association/lambda-role/main.tf    | 1 +
 route53-zone-association/terraform-role/main.tf | 1 +
 2 files changed, 2 insertions(+)

diff --git a/route53-zone-association/lambda-role/main.tf b/route53-zone-association/lambda-role/main.tf
index 25de0c1..dfc7e80 100644
--- a/route53-zone-association/lambda-role/main.tf
+++ b/route53-zone-association/lambda-role/main.tf
@@ -48,6 +48,7 @@ data "aws_iam_policy_document" "policy" {
     actions = [
       "iam:ListAccountAliases",
       "ec2:DescribeVpcs",
+      "ec2:DescribeAvailabilityZones",
       "route53:Get*",
       "route53:List*",
       "route53:TestDNSAnswer",
diff --git a/route53-zone-association/terraform-role/main.tf b/route53-zone-association/terraform-role/main.tf
index a72f3f9..f0f6722 100644
--- a/route53-zone-association/terraform-role/main.tf
+++ b/route53-zone-association/terraform-role/main.tf
@@ -48,6 +48,7 @@ data "aws_iam_policy_document" "policy" {
     actions = [
       "iam:ListAccountAliases",
       "ec2:DescribeVpcs",
+      "ec2:DescribeAvailabilityZones",
       "route53:Get*",
       "route53:List*",
       "route53:AssociateVPCWithHostedZone",