From 0853e77b52d4caac3572c14c9da78bb929ced8b6 Mon Sep 17 00:00:00 2001
From: Jingjing Zhang <jingjing.zhang@lacework.net>
Date: Wed, 13 Dec 2023 11:44:25 -0800
Subject: [PATCH] revert glacier

---
 README.md | 1 +
 main.tf   | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/README.md b/README.md
index ae761f8..67ffe5b 100644
--- a/README.md
+++ b/README.md
@@ -101,6 +101,7 @@ The audit policy is comprised of the following permissions:
 | SSO                        | sso:DescribeAccountAssignmentDeletionStatus             | *         |
 |                            | sso:DescribeInstanceAccessControlAttributeConfiguration |           |
 |                            | sso:GetInlinePolicyForPermissionSet                     |           |
+| GLACIER                    | glacier:ListTagsForVault                                | *         |
 | APIGATEWAY                 | apigateway:GET                                          | arn:aws:apigateway:*::/apikeys/*         |      |
 | WAFREGIONAL                | waf-regional:ListRules                                  | *         |
 |                            | waf-regional:GetRule                                    |           |
diff --git a/main.tf b/main.tf
index 0ff9a94..5fe1b35 100644
--- a/main.tf
+++ b/main.tf
@@ -97,6 +97,12 @@ data "aws_iam_policy_document" "lacework_audit_policy" {
     resources = ["arn:aws:apigateway:*::/apikeys/*"]
   }
 
+  statement {
+    sid = "GLACIER"
+    actions = ["glacier:ListTagsForVault"]
+    resources = ["*"]
+  }
+  
   statement {
     sid = "WAFREGIONAL"
     actions = ["waf-regional:ListRules",