From c32fa9aa1fd53e20f16af5b3e166839beb4dc817 Mon Sep 17 00:00:00 2001
From: Toni de la Fuente <c054617@yara.com>
Date: Tue, 27 Jul 2021 14:43:20 +0200
Subject: [PATCH] Added s3 and glue required permissions

---
 iam/create_role_to_assume_cfn.yaml | 2 ++
 iam/prowler-additions-policy.json  | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/iam/create_role_to_assume_cfn.yaml b/iam/create_role_to_assume_cfn.yaml
index 6414f810..99e0a767 100644
--- a/iam/create_role_to_assume_cfn.yaml
+++ b/iam/create_role_to_assume_cfn.yaml
@@ -63,4 +63,6 @@ Resources:
                 - 'support:Describe*'
                 - 'tag:GetTagKeys'
                 - 'lambda:GetFunction'
+                - 'glue:GetConnections',
+                - 's3:GetAccountPublicAccessBlock'
               Resource: '*'
diff --git a/iam/prowler-additions-policy.json b/iam/prowler-additions-policy.json
index 33eacc35..441104ff 100644
--- a/iam/prowler-additions-policy.json
+++ b/iam/prowler-additions-policy.json
@@ -10,7 +10,9 @@
                 "ecr:Describe*",
                 "support:Describe*",
                 "tag:GetTagKeys",
-		"lambda:GetFunction"
+		        "lambda:GetFunction",
+                "glue:GetConnections",
+                "s3:GetAccountPublicAccessBlock"
             ],
             "Resource": "*",
             "Effect": "Allow",