From bbb857eb6ca72bcf85db4e97503f0ffa97ab4e84 Mon Sep 17 00:00:00 2001
From: George Taylor <george.taylor@digital.justice.gov.uk>
Date: Fri, 27 Oct 2023 14:33:26 +0100
Subject: [PATCH] Add ssm:PutParameter to oidc policy (#5307)

---
 terraform/environments/bootstrap/member-bootstrap/iam.tf | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/terraform/environments/bootstrap/member-bootstrap/iam.tf b/terraform/environments/bootstrap/member-bootstrap/iam.tf
index 3317d000a..1f5ea82c3 100644
--- a/terraform/environments/bootstrap/member-bootstrap/iam.tf
+++ b/terraform/environments/bootstrap/member-bootstrap/iam.tf
@@ -457,7 +457,8 @@ data "aws_iam_policy_document" "policy" {
       "secretsmanager:ListSecrets",
       "secretsmanager:DescribeSecret",
       "secretsmanager:GetResourcePolicy",
-      "ssm:GetParameter"
+      "ssm:GetParameter",
+      "ssm:PutParameter"
     ]
     resources = ["*"] #tfsec:ignore:AWS099 tfsec:ignore:AWS097
   }