From 65d82079ed23944b2c1ade8f04629027dee27c28 Mon Sep 17 00:00:00 2001
From: Sanket Dharwadkar <sdharwad@amazon.com>
Date: Mon, 5 Apr 2021 16:59:52 -0400
Subject: [PATCH] fix: policy version permissions for App Deployer (#424)

* fix: policy version permissions for App Deployer

* fix: adding GetPolicy perm
---
 main/cicd/cicd-pipeline/config/infra/cloudformation.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/main/cicd/cicd-pipeline/config/infra/cloudformation.yml b/main/cicd/cicd-pipeline/config/infra/cloudformation.yml
index 576f4933b2..ab8c9a2c85 100644
--- a/main/cicd/cicd-pipeline/config/infra/cloudformation.yml
+++ b/main/cicd/cicd-pipeline/config/infra/cloudformation.yml
@@ -236,6 +236,8 @@ Resources:
                 Effect: Allow
               - Action:
                   - iam:CreatePolicy
+                  - iam:GetPolicy
+                  - iam:*PolicyVersion*
                 Effect: Allow
                 Resource: !Sub 'arn:aws:iam::${AWS::AccountId}:policy/${self:custom.settings.namespace}-*'
               - Action: