Add anywhere permissions

bjoepfeiffer · bjoepfeiffer · commit 717dbf4fdb9e · 2025-08-06T15:33:47.000-04:00
diff --git a/cloudformation/iam-cloudformation-detailed/cloudformation-template.json b/cloudformation/iam-cloudformation-detailed/cloudformation-template.json
@@ -525,7 +525,11 @@
                 "opensearch:ListDomainNames",
                 "states:DescribeStateMachine",
                 "states:ListStateMachines",
-                "states:ListTagsForResource"
+                "states:ListTagsForResource",
+                "rolesanywhere:GetProfile",
+                "rolesanywhere:GetTrustAnchor",
+                "rolesanywhere:ListProfiles",
+                "rolesanywhere:ListTrustAnchors"
               ]
             }
           ]
diff --git a/cloudformation/iam-cloudformation-detailed/managed-policy.md b/cloudformation/iam-cloudformation-detailed/managed-policy.md
@@ -482,7 +482,11 @@
         "opensearch:ListDomainNames",
         "states:DescribeStateMachine",
         "states:ListStateMachines",
-        "states:ListTagsForResource"
+        "states:ListTagsForResource",
+        "rolesanywhere:GetProfile",
+        "rolesanywhere:GetTrustAnchor",
+        "rolesanywhere:ListProfiles",
+        "rolesanywhere:ListTrustAnchors"
       ]
     }
   ]
diff --git a/cloudformation/iam-cloudformation-detailed/terraform.tf b/cloudformation/iam-cloudformation-detailed/terraform.tf
@@ -518,7 +518,11 @@ resource "aws_iam_policy" "jupiterone_security_audit_policy_3" {
         "opensearch:ListDomainNames",
         "states:DescribeStateMachine",
         "states:ListStateMachines",
-        "states:ListTagsForResource"
+        "states:ListTagsForResource",
+        "rolesanywhere:GetProfile",
+        "rolesanywhere:GetTrustAnchor",
+        "rolesanywhere:ListProfiles",
+        "rolesanywhere:ListTrustAnchors"
       ]
     }
   ]

Original file line number	Diff line number	Diff line change
`@@ -525,7 +525,11 @@`
`525`	`525`	`"opensearch:ListDomainNames",`
`526`	`526`	`"states:DescribeStateMachine",`
`527`	`527`	`"states:ListStateMachines",`
`528`		`- "states:ListTagsForResource"`
	`528`	`+ "states:ListTagsForResource",`
	`529`	`+ "rolesanywhere:GetProfile",`
	`530`	`+ "rolesanywhere:GetTrustAnchor",`
	`531`	`+ "rolesanywhere:ListProfiles",`
	`532`	`+ "rolesanywhere:ListTrustAnchors"`
`529`	`533`	`]`
`530`	`534`	`}`
`531`	`535`	`]`
Original file line number	Diff line number	Diff line change
`@@ -482,7 +482,11 @@`
`482`	`482`	`"opensearch:ListDomainNames",`
`483`	`483`	`"states:DescribeStateMachine",`
`484`	`484`	`"states:ListStateMachines",`
`485`		`- "states:ListTagsForResource"`
	`485`	`+ "states:ListTagsForResource",`
	`486`	`+ "rolesanywhere:GetProfile",`
	`487`	`+ "rolesanywhere:GetTrustAnchor",`
	`488`	`+ "rolesanywhere:ListProfiles",`
	`489`	`+ "rolesanywhere:ListTrustAnchors"`
`486`	`490`	`]`
`487`	`491`	`}`
`488`	`492`	`]`
Original file line number	Diff line number	Diff line change
`@@ -518,7 +518,11 @@ resource "aws_iam_policy" "jupiterone_security_audit_policy_3" {`
`518`	`518`	`"opensearch:ListDomainNames",`
`519`	`519`	`"states:DescribeStateMachine",`
`520`	`520`	`"states:ListStateMachines",`
`521`		`- "states:ListTagsForResource"`
	`521`	`+ "states:ListTagsForResource",`
	`522`	`+ "rolesanywhere:GetProfile",`
	`523`	`+ "rolesanywhere:GetTrustAnchor",`
	`524`	`+ "rolesanywhere:ListProfiles",`
	`525`	`+ "rolesanywhere:ListTrustAnchors"`
`522`	`526`	`]`
`523`	`527`	`}`
`524`	`528`	`]`