adding s3 principal to iam policy attached to sqs

grafana · Oct 25, 2024 · c6a2cd1 · c6a2cd1
1 parent 5034d34
commit c6a2cd1
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/tools/lambda-promtail/sqs.tf b/tools/lambda-promtail/sqs.tf
@@ -32,6 +32,10 @@ data "aws_iam_policy_document" "queue_policy" {
       "sqs:SendMessage"
     ]
     resources = ["arn:aws:sqs:*:*:${var.sqs_queue_name_prefix}-main-queue"]
+    principals {
+      type        = "Service"
+      identifiers = ["s3.amazonaws.com"]
+    }
     condition {
       test     = "ArnEquals"
       variable = "aws:SourceArn"