From 062f8b339fa5501eaa666701ff2e337ce13a3214 Mon Sep 17 00:00:00 2001
From: Danny Rorabaugh <imnasnainaec@gmail.com>
Date: Thu, 7 Nov 2024 10:48:56 -0500
Subject: [PATCH] Add cloudfront endpoint

---
 .github/workflows/deploy_qa.yml   | 1 +
 .github/workflows/maintenance.yml | 1 +
 2 files changed, 2 insertions(+)

diff --git a/.github/workflows/deploy_qa.yml b/.github/workflows/deploy_qa.yml
index 41605c4092..50154f0cc7 100644
--- a/.github/workflows/deploy_qa.yml
+++ b/.github/workflows/deploy_qa.yml
@@ -26,6 +26,7 @@ jobs:
           egress-policy: block
           allowed-endpoints: >
             *.actions.githubusercontent.com:443
+            *.cloudfront.net:443
             *.data.mcr.microsoft.com:443
             ${{ secrets.AWS_ACCOUNT }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com
             api.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com:443
diff --git a/.github/workflows/maintenance.yml b/.github/workflows/maintenance.yml
index d51a31b25c..62ef4dc045 100644
--- a/.github/workflows/maintenance.yml
+++ b/.github/workflows/maintenance.yml
@@ -23,6 +23,7 @@ jobs:
           disable-sudo: true
           egress-policy: block
           allowed-endpoints: >
+            *.cloudfront.net:443
             archive.ubuntu.com:80
             auth.docker.io:443
             files.pythonhosted.org:443