Add DescribeStacks Perm for parent stack

dfpc-coe · Mar 11, 2024 · c032f3b · c032f3b
1 parent a87cbbf
commit c032f3b
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/cloudformation/lib/api.js b/cloudformation/lib/api.js
@@ -161,6 +161,14 @@ export default {
                                 cf.join(['arn:', cf.partition, ':secretsmanager:', cf.region, ':', cf.accountId, ':secret:', cf.stackName, '/*'])
                             ]
                         },{ // ------------ Permissions Required to stand up lambda tasks ------------
+                            Effect: 'Allow',
+                            Action: [
+                                'cloudformation:DescribeStacks'
+                            ],
+                            Resource: [
+                                cf.join(['arn:', cf.partition, ':cloudformation:', cf.region, ':', cf.accountId, ':stack/', cf.stackName])
+                            ]
+                        },{
                             Effect: 'Allow',
                             Action: [
                                 'iam:PassRole'