From ebdba64b80e3e44b35c4289b1bb2a3e1f3276f3f Mon Sep 17 00:00:00 2001
From: ljohnny <ljohnny@fortinet.com>
Date: Thu, 12 Dec 2024 23:09:33 +0000
Subject: [PATCH] feat: add kinesisanalytics permissions

Signed-off-by: ljohnny <ljohnny@fortinet.com>
---
 README.md |  6 +++++-
 main.tf   | 10 ++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index fbd7e4b..37ce4cc 100644
--- a/README.md
+++ b/README.md
@@ -177,4 +177,8 @@ The audit policy is comprised of the following permissions:
 |                            | compute-optimizer:GetEnrollmentStatusesForOrganization  |           |
 |                            | compute-optimizer:GetLambdaFunctionRecommendations      |           |
 |                            | compute-optimizer:GetRecommendationPreferences          |           |
-|                            | compute-optimizer:GetRecommendationSummaries            |           |
\ No newline at end of file
+|                            | compute-optimizer:GetRecommendationSummaries            |           |
+| KINESISANALYTICS           | kinesisanalytics:ListApplicationSnapshots               |           |
+|                            | kinesisanalytics:ListApplicationVersions                |           |
+|                            | kinesisanalytics:DescribeApplicationVersion             |           |
+|                            | kinesisanalytics:DescribeApplication                    |           |
diff --git a/main.tf b/main.tf
index f87dbd3..1732177 100644
--- a/main.tf
+++ b/main.tf
@@ -238,6 +238,16 @@ data "aws_iam_policy_document" "lacework_audit_policy" {
     ]
     resources = ["*"]
   }
+
+  statement {
+    sid = "KINESISANALYTICS"
+    actions = ["kinesisanalytics:ListApplicationSnapshots",
+      "kinesisanalytics:ListApplicationVersions",
+      "kinesisanalytics:DescribeApplicationVersion",
+      "kinesisanalytics:DescribeApplication",
+    ]
+    resources = ["*"]
+  }
 }
 
 resource "aws_iam_policy" "lacework_audit_policy" {