From c6a2cd1383363ae5dc3ad07f9d6133a33fde7ccd Mon Sep 17 00:00:00 2001
From: Matthew Wimpelberg <matt.wimpelberg@grafana.com>
Date: Fri, 25 Oct 2024 09:55:53 -0400
Subject: [PATCH] adding s3 principal to iam policy attached to sqs

---
 tools/lambda-promtail/sqs.tf | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tools/lambda-promtail/sqs.tf b/tools/lambda-promtail/sqs.tf
index 7080eaab4c4a..bdc03fa159f0 100644
--- a/tools/lambda-promtail/sqs.tf
+++ b/tools/lambda-promtail/sqs.tf
@@ -32,6 +32,10 @@ data "aws_iam_policy_document" "queue_policy" {
       "sqs:SendMessage"
     ]
     resources = ["arn:aws:sqs:*:*:${var.sqs_queue_name_prefix}-main-queue"]
+    principals {
+      type        = "Service"
+      identifiers = ["s3.amazonaws.com"]
+    }
     condition {
       test     = "ArnEquals"
       variable = "aws:SourceArn"