From 24c16397e2ff498e9084f42d43ffb067326820ab Mon Sep 17 00:00:00 2001
From: Ben Eggers <ben@beneggers.com>
Date: Tue, 25 Jun 2024 11:22:09 -0700
Subject: [PATCH] screw it, be permissive

---
 terraform/github_actions.tf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/terraform/github_actions.tf b/terraform/github_actions.tf
index cea734e..e7e0507 100644
--- a/terraform/github_actions.tf
+++ b/terraform/github_actions.tf
@@ -33,9 +33,9 @@ resource "aws_iam_role" "github_actions" {
 data "aws_iam_policy_document" "github_actions_policy" {
   statement {
     actions = [
-      "cloudfront:GetCloudFrontOriginAccessIdentity",
-      "cloudfront:CreateInvalidation",
-      "iam:GetOpenIDConnectProvider",
+      "acm:*",
+      "cloudfront:*",
+      "iam:*",
       "route53:*",
       "s3:*",
     ]