From 06f988b8e5c61846c037c3673eaf24f5b72db362 Mon Sep 17 00:00:00 2001
From: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
Date: Wed, 28 Feb 2024 13:42:11 +0100
Subject: [PATCH] chore(allowlist): add AFT IAM roles to allowlist (#3460)

---
 prowler/config/aws_allowlist.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/prowler/config/aws_allowlist.yaml b/prowler/config/aws_allowlist.yaml
index 6ba4dc9f..c9f5c0cc 100644
--- a/prowler/config/aws_allowlist.yaml
+++ b/prowler/config/aws_allowlist.yaml
@@ -38,6 +38,9 @@ Allowlist:
             - "aws-controltower-ReadOnlyExecutionRole"
             - "AWSControlTower_VPCFlowLogsRole"
             - "AWSControlTowerExecution"
+            - "AWSAFTAdmin"
+            - "AWSAFTExecution"
+            - "AWSAFTService"
         "iam_policy_*":
           Regions:
             - "*"