From cfa24462cd61df1ce96bbcbb15c9ce0aa9b0958c Mon Sep 17 00:00:00 2001
From: Yisheng Cai <yisheng.cai@streamnative.io>
Date: Mon, 25 Nov 2024 11:21:45 +0800
Subject: [PATCH] fix: Add new required EKS permissions (#99)

- `eks:AssociateAccessPolicy`
- `eks:DisassociateAccessPolicy`
- `eks:DeleteAccessEntry`
---
 modules/aws/vendor-access/files/provision2.json.tpl | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/modules/aws/vendor-access/files/provision2.json.tpl b/modules/aws/vendor-access/files/provision2.json.tpl
index 53f64df..89dbf68 100644
--- a/modules/aws/vendor-access/files/provision2.json.tpl
+++ b/modules/aws/vendor-access/files/provision2.json.tpl
@@ -100,7 +100,10 @@
       "Effect": "Allow",
       "Action": [
         "eks:TagResource",
-        "eks:UntagResource"
+        "eks:UntagResource",
+        "eks:AssociateAccessPolicy",
+        "eks:DisassociateAccessPolicy",
+        "eks:DeleteAccessEntry"
       ],
       "Resource": "*",
       "Condition": {