From ffe147b5b5dd5a0aca7720fccdecafc017e1179d Mon Sep 17 00:00:00 2001
From: Toni de la Fuente <c054617@yara.com>
Date: Tue, 27 Jul 2021 14:49:58 +0200
Subject: [PATCH] Added s3 and glue required permissions and removed obsoletes

---
 iam/create_role_to_assume_cfn.yaml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/iam/create_role_to_assume_cfn.yaml b/iam/create_role_to_assume_cfn.yaml
index 99e0a767..1e1140a1 100644
--- a/iam/create_role_to_assume_cfn.yaml
+++ b/iam/create_role_to_assume_cfn.yaml
@@ -55,14 +55,12 @@ Resources:
             Statement:
             - Effect: Allow
               Action:
-                - 'dax:ListTables'
                 - 'ds:ListAuthorizedApplications'
-                - 'ds:DescribeRoles'
                 - 'ec2:GetEbsEncryptionByDefault'
                 - 'ecr:Describe*'
                 - 'support:Describe*'
                 - 'tag:GetTagKeys'
                 - 'lambda:GetFunction'
-                - 'glue:GetConnections',
+                - 'glue:GetConnections'
                 - 's3:GetAccountPublicAccessBlock'
               Resource: '*'