Update iam.tf

[ep-93]

A reference to the issue / Description of it

https://moj.enterprise.slack.com/archives/C01A7QK5VM1/p1731927589555049

How does this PR fix the problem?

Adds what is required.

Deployment Plan / Instructions

Checklist (check x in [ ] of list items)

• I have performed a self-review of my own code
• All checks have passed

Additional comments (if any)

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/digital-prison-reporting

---

Running Trivy in terraform/environments/digital-prison-reporting
2024-11-18T11:11:07Z INFO [vulndb] Need to update DB
2024-11-18T11:11:07Z INFO [vulndb] Downloading vulnerability DB...
2024-11-18T11:11:07Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-11-18T11:11:09Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-11-18T11:11:09Z INFO [vuln] Vulnerability scanning is enabled
2024-11-18T11:11:09Z INFO [misconfig] Misconfiguration scanning is enabled
2024-11-18T11:11:09Z INFO [misconfig] Need to update the built-in checks
2024-11-18T11:11:09Z INFO [misconfig] Downloading the built-in checks...
160.60 KiB / 160.60 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2024-11-18T11:11:09Z INFO [secret] Secret scanning is enabled
2024-11-18T11:11:09Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-11-18T11:11:09Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2024-11-18T11:11:10Z INFO [terraform scanner] Scanning root module file_path="."
2024-11-18T11:11:10Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2024-11-18T11:11:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2024-11-18T11:11:11Z INFO Number of language-specific files num=0
2024-11-18T11:11:11Z INFO Detected config files num=2
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/digital-prison-reporting

*****************************

Running Checkov in terraform/environments/digital-prison-reporting
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-11-18 11:11:13,882 [MainThread  ] [WARNI]  [ArmLocalGraph] created 0 vertices
2024-11-18 11:11:13,894 [MainThread  ] [WARNI]  [ArmLocalGraph] created 0 edges
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/digital-prison-reporting

*****************************

Running tflint in terraform/environments/digital-prison-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/digital-prison-reporting

*****************************

Running Trivy in terraform/environments/digital-prison-reporting
2024-11-18T11:11:07Z	INFO	[vulndb] Need to update DB
2024-11-18T11:11:07Z	INFO	[vulndb] Downloading vulnerability DB...
2024-11-18T11:11:07Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-11-18T11:11:09Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-11-18T11:11:09Z	INFO	[vuln] Vulnerability scanning is enabled
2024-11-18T11:11:09Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-11-18T11:11:09Z	INFO	[misconfig] Need to update the built-in checks
2024-11-18T11:11:09Z	INFO	[misconfig] Downloading the built-in checks...
160.60 KiB / 160.60 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2024-11-18T11:11:09Z	INFO	[secret] Secret scanning is enabled
2024-11-18T11:11:09Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-11-18T11:11:09Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2024-11-18T11:11:10Z	INFO	[terraform scanner] Scanning root module	file_path="."
2024-11-18T11:11:10Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2024-11-18T11:11:10Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2024-11-18T11:11:11Z	INFO	Number of language-specific files	num=0
2024-11-18T11:11:11Z	INFO	Detected config files	num=2
trivy_exitcode=0