update oidc permissions

CDCgov · Dec 11, 2024 · 3300586 · 3300586
1 parent 9c7e63e
commit 3300586
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/terraform/implementation/ecs/main.tf b/terraform/implementation/ecs/main.tf
@@ -48,6 +48,9 @@ module "ecs" {
   # If the intent is to disable authentication, set ecr_viewer_app_env to "test" (default is "prod")
   # ecr_viewer_app_env = "test"
 
+  # If the intent is to disable autoscaling, set autoscaling to false (default is true)
+  enable_autoscaling = false
+
   # If intent is to use a metadata database for polutating the ecr-viewer library, setup the database data object to connect to the database (supported databases are postgres and sqlserver)
   # Postgresql database example
   # postgres_database_data = {

diff --git a/terraform/modules/oidc/_data.tf b/terraform/modules/oidc/_data.tf
@@ -54,6 +54,9 @@ data "aws_iam_policy_document" "wildcard" {
       "acm:DescribeCertificate",
       "acm:GetCertificate",
       "acm:ListTagsForCertificate",
+      "application-autoscaling:DescribeScalableTargets",
+      "application-autoscaling:DescribeScalingPolicies",
+      "application-autoscaling:ListTagsForResource",
       "ec2:DescribeAddresses",
       "ec2:DescribeVpcEndpoints",
       "ec2:DescribePrefixLists",