From 966c4f8bc7f9a0742a157d6b8a4a80b4f01d6aa1 Mon Sep 17 00:00:00 2001
From: John Stewart <32647598+jstewart612@users.noreply.github.com>
Date: Fri, 4 Oct 2024 17:27:39 -0400
Subject: [PATCH] feat: Update IAM policy for AWS Load Balancer Controller to
 support Listener Attributes (#525)

Co-authored-by: Aleksei Vesnin <aleksei@vesnin.me>
---
 modules/iam-role-for-service-accounts-eks/policies.tf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/modules/iam-role-for-service-accounts-eks/policies.tf b/modules/iam-role-for-service-accounts-eks/policies.tf
index b710efd2..20a087d7 100644
--- a/modules/iam-role-for-service-accounts-eks/policies.tf
+++ b/modules/iam-role-for-service-accounts-eks/policies.tf
@@ -846,6 +846,7 @@ data "aws_iam_policy_document" "load_balancer_controller" {
       "elasticloadbalancing:DescribeTargetHealth",
       "elasticloadbalancing:DescribeTags",
       "elasticloadbalancing:DescribeTrustStores",
+      "elasticloadbalancing:DescribeListenerAttributes",
     ]
     resources = ["*"]
   }
@@ -1007,6 +1008,7 @@ data "aws_iam_policy_document" "load_balancer_controller" {
       "elasticloadbalancing:ModifyTargetGroup",
       "elasticloadbalancing:ModifyTargetGroupAttributes",
       "elasticloadbalancing:DeleteTargetGroup",
+      "elasticloadbalancing:ModifyListenerAttributes",
     ]
     resources = ["*"]