From cc5da4279709c571aebc73d4fa1419e54163fdd9 Mon Sep 17 00:00:00 2001
From: Dominick Bellizzi
Date: Wed, 18 Dec 2019 14:53:09 -0800
Subject: [PATCH] add lambda:get* to prowler-additions-policy The check: 7.60 [extra760] Find secrets in Lambda functions code (Not Scored) (Not part of CIS benchmark) errors by default, with the following: An error occurred (AccessDeniedException) when calling the GetFunction operation: User: user/prowler is not authorized to perform: lambda:GetFunction on resource: arn:aws:lambda:eu-west-2:347708466071:function:ApiSimpleDelayDDMonitor Adding this policy to be successfully run that check.
---
 iam/prowler-additions-policy.json | 1 +
 1 file changed, 1 insertion(+)
diff --git a/iam/prowler-additions-policy.json b/iam/prowler-additions-policy.json
index c95b05f2..0f4b24f8 100644
--- a/iam/prowler-additions-policy.json
+++ b/iam/prowler-additions-policy.json
@@ -50,6 +50,7 @@
 "gamelift:list*",
 "glacier:list*",
 "importexport:listjobs",
+ "lambda:get*",
 "lex:getbotaliases",
 "lex:getbotchannelassociations",
 "lex:getbots",
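Review bot: The added `"lambda:get*"` is broader than the failure quoted in the commit message, which names only `lambda:GetFunction`; the wildcard also covers every other Lambda Get action, including ones AWS adds later. If extra760 needs nothing else, the line could be `"lambda:getfunction",`, in the lowercase form the neighbouring entries use. GetFunction itself returns a download link for the deployment package along with the function configuration and its environment variables, so the credentials this policy is attached to should be handled as able to read Lambda code and any secrets stored there. The statement's `Resource` element is outside the hunk, so whether the grant can be scoped to specific functions cannot be judged from here.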