Add the SSM Managed Instance Core Policy to the permission boundary w…

…hen testing IAM resource prefixes Signed-off-by: Eddy Mwiti <[email protected]> (cherry picked from commit d746f75)
aws · Nov 30, 2023 · 8603bc0 · 8603bc0
1 parent 0ae6bd1
commit 8603bc0
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/tests/integration-tests/tests/iam/test_iam.py b/tests/integration-tests/tests/iam/test_iam.py
@@ -668,7 +668,8 @@ def _create_permission_boundary(permission_boundary_name):
                     ],
                     "Effect": "Allow",
                     "Resource": [
-                        {"Fn::Sub": "arn:${AWS::Partition}:iam::${AWS::AccountId}:policy/${CustomIamNamePrefix}*"}
+                        {"Fn::Sub": "arn:${AWS::Partition}:iam::${AWS::AccountId}:policy/${CustomIamNamePrefix}*"},
+                        {"Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore"},
                     ],
                 },
             ],