From 76e3b212e1c2cbdc510b927e5b8006fd19cd302c Mon Sep 17 00:00:00 2001
From: Suhas Mallesh <smallesh@bamboohealth.com>
Date: Fri, 15 Dec 2023 07:50:46 -0800
Subject: [PATCH] Add unit_test_trigger access to parameter (#30)

---
 lambda_function/unit_test_trigger.tf | 9 +++++++++
 lambda_layer/unit_test_trigger.tf    | 9 +++++++++
 2 files changed, 18 insertions(+)

diff --git a/lambda_function/unit_test_trigger.tf b/lambda_function/unit_test_trigger.tf
index 2555853..07a29b1 100644
--- a/lambda_function/unit_test_trigger.tf
+++ b/lambda_function/unit_test_trigger.tf
@@ -49,6 +49,15 @@ resource "aws_iam_role_policy" "unit_test_codebuild" {
           "logs:CreateLogStream",
           "logs:PutLogEvents"
         ]
+      },
+      {
+        Effect = "Allow",
+        Action = [
+          "ssm:GetParameter*"
+        ],
+        Resource = [
+          "arn:aws:ssm:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:parameter/cloudeng/infra/github/token"
+        ]
       }
     ]
   })
diff --git a/lambda_layer/unit_test_trigger.tf b/lambda_layer/unit_test_trigger.tf
index 77bfb67..d2b5964 100644
--- a/lambda_layer/unit_test_trigger.tf
+++ b/lambda_layer/unit_test_trigger.tf
@@ -49,6 +49,15 @@ resource "aws_iam_role_policy" "unit_test_codebuild" {
           "logs:CreateLogStream",
           "logs:PutLogEvents"
         ]
+      },
+      {
+        Effect = "Allow",
+        Action = [
+          "ssm:GetParameter*"
+        ],
+        Resource = [
+          "arn:aws:ssm:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:parameter/cloudeng/infra/github/token"
+        ]
       }
     ]
   })