From 101cbcd44df14e2cab55f4252992e65dd8fe764a Mon Sep 17 00:00:00 2001
From: Darren <75614232+dmurray-lacework@users.noreply.github.com>
Date: Mon, 6 Feb 2023 14:20:01 +0000
Subject: [PATCH] refactor: remove unneeded debug permissions (#109)

---
 main.tf | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/main.tf b/main.tf
index 135a2b6..d91b6e4 100644
--- a/main.tf
+++ b/main.tf
@@ -498,18 +498,11 @@ data "aws_iam_policy_document" "cross_account_policy" {
     resources = ["*"]
     actions = [
       "cloudtrail:DescribeTrails",
-      "cloudtrail:GetTrail",
       "cloudtrail:GetTrailStatus",
-      "cloudtrail:ListPublicKeys",
-      "s3:GetBucketAcl",
       "s3:GetBucketPolicy",
-      "s3:ListAllMyBuckets",
       "s3:GetBucketLocation",
-      "s3:GetBucketLogging",
-      "sns:GetSubscriptionAttributes",
       "sns:GetTopicAttributes",
       "sns:ListSubscriptions",
-      "sns:ListSubscriptionsByTopic",
       "sns:ListTopics"
     ]
   }