From 9cfab4a2712523308b03acf2d370ea44128b4128 Mon Sep 17 00:00:00 2001
From: Tim N <1721747+timnee@users.noreply.github.com>
Date: Mon, 11 Nov 2024 09:57:29 -0500
Subject: [PATCH] feat: Add `ec2:GetSecurityGroupsForVpc` for AWS LB Controller
 `v2.10.0` (#536)

---
 modules/iam-role-for-service-accounts-eks/policies.tf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/iam-role-for-service-accounts-eks/policies.tf b/modules/iam-role-for-service-accounts-eks/policies.tf
index 264c2155..96f20b81 100644
--- a/modules/iam-role-for-service-accounts-eks/policies.tf
+++ b/modules/iam-role-for-service-accounts-eks/policies.tf
@@ -840,6 +840,7 @@ data "aws_iam_policy_document" "load_balancer_controller" {
       "ec2:DescribeTags",
       "ec2:GetCoipPoolUsage",
       "ec2:DescribeCoipPools",
+      "ec2:GetSecurityGroupsForVpc",
       "elasticloadbalancing:DescribeLoadBalancers",
       "elasticloadbalancing:DescribeLoadBalancerAttributes",
       "elasticloadbalancing:DescribeListeners",