diff --git a/README.md b/README.md index 4a3e32d..6a99e21 100644 --- a/README.md +++ b/README.md @@ -83,12 +83,12 @@ No modules. | [argo\_enabled](#input\_argo\_enabled) | If set to true, the module will be deployed as ArgoCD application, otherwise it will be deployed as a Helm release | `bool` | `false` | no | | [argo\_helm\_enabled](#input\_argo\_helm\_enabled) | If set to true, the ArgoCD Application manifest will be deployed using Kubernetes provider as a Helm release. Otherwise it'll be deployed as a Kubernetes manifest. See Readme for more info | `bool` | `false` | no | | [argo\_helm\_values](#input\_argo\_helm\_values) | Value overrides to use when deploying argo application object with helm | `string` | `""` | no | -| [argo\_info](#input\_argo\_info) | ArgoCD info manifest parameter |
list(object({|
name = string
value = string
}))
[| no | -| [argo\_kubernetes\_manifest\_computed\_fields](#input\_argo\_kubernetes\_manifest\_computed\_fields) | List of paths of fields to be handled as "computed". The user-configured value for the field will be overridden by any different value returned by the API after apply. | `list(string)` |
{
"name": "terraform",
"value": "true"
}
]
[| no | +| [argo\_info](#input\_argo\_info) | ArgoCD info manifest parameter |
"metadata.labels",
"metadata.annotations"
]
list(object({|
name = string
value = string
}))
[| no | +| [argo\_kubernetes\_manifest\_computed\_fields](#input\_argo\_kubernetes\_manifest\_computed\_fields) | List of paths of fields to be handled as "computed". The user-configured value for the field will be overridden by any different value returned by the API after apply. | `list(string)` |
{
"name": "terraform",
"value": "true"
}
]
[| no | | [argo\_kubernetes\_manifest\_field\_manager\_force\_conflicts](#input\_argo\_kubernetes\_manifest\_field\_manager\_force\_conflicts) | Forcibly override any field manager conflicts when applying the kubernetes manifest resource | `bool` | `false` | no | | [argo\_kubernetes\_manifest\_field\_manager\_name](#input\_argo\_kubernetes\_manifest\_field\_manager\_name) | The name of the field manager to use when applying the kubernetes manifest resource. Defaults to Terraform | `string` | `"Terraform"` | no | | [argo\_kubernetes\_manifest\_wait\_fields](#input\_argo\_kubernetes\_manifest\_wait\_fields) | A map of fields and a corresponding regular expression with a pattern to wait for. The provider will wait until the field matches the regular expression. Use * for any value. | `map(string)` | `{}` | no | -| [argo\_metadata](#input\_argo\_metadata) | ArgoCD Application metadata configuration. Override or create additional metadata parameters | `any` |
"metadata.labels",
"metadata.annotations"
]
{| no | +| [argo\_metadata](#input\_argo\_metadata) | ArgoCD Application metadata configuration. Override or create additional metadata parameters | `any` |
"finalizers": [
"resources-finalizer.argocd.argoproj.io"
]
}
{| no | | [argo\_namespace](#input\_argo\_namespace) | Namespace to deploy ArgoCD application CRD to | `string` | `"argo"` | no | | [argo\_project](#input\_argo\_project) | ArgoCD Application project | `string` | `"default"` | no | | [argo\_spec](#input\_argo\_spec) | ArgoCD Application spec configuration. Override or create additional spec parameters | `any` | `{}` | no | @@ -96,7 +96,7 @@ No modules. | [enabled](#input\_enabled) | Variable indicating whether deployment is enabled | `bool` | `true` | no | | [helm\_atomic](#input\_helm\_atomic) | If set, installation process purges chart on fail. The wait flag will be set automatically if atomic is used | `bool` | `false` | no | | [helm\_chart\_name](#input\_helm\_chart\_name) | Helm chart name to be installed | `string` | `"aws-load-balancer-controller"` | no | -| [helm\_chart\_version](#input\_helm\_chart\_version) | Version of the Helm chart | `string` | `"1.7.0"` | no | +| [helm\_chart\_version](#input\_helm\_chart\_version) | Version of the Helm chart | `string` | `"1.10.1"` | no | | [helm\_cleanup\_on\_fail](#input\_helm\_cleanup\_on\_fail) | Allow deletion of new resources created in this helm upgrade when upgrade fails | `bool` | `false` | no | | [helm\_create\_namespace](#input\_helm\_create\_namespace) | Create the namespace if it does not yet exist | `bool` | `true` | no | | [helm\_dependency\_update](#input\_helm\_dependency\_update) | Runs helm dependency update before installing the chart | `bool` | `false` | no | diff --git a/iam.tf b/iam.tf index 7e4ac3a..47996c6 100644 --- a/iam.tf +++ b/iam.tf 
@@ -5,7 +5,7 @@ locals {
 data "aws_iam_policy_document" "this" {
 count = local.irsa_role_create && var.irsa_policy_enabled ? 1 : 0
- # https://github.com/kubernetes-sigs/aws-load-balancer-controller/blob/v2.4.0/docs/install/iam_policy.json
+ # https://github.com/kubernetes-sigs/aws-load-balancer-controller/blob/v2.10.1/docs/install/iam_policy.json
 #checkov:skip=CKV_AWS_109:The official documentation was used to define these policies
 #checkov:skip=CKV_AWS_111:The official documentation was used to define these policies
 #checkov:skip=CKV_AWS_356
@@ -38,6 +38,8 @@ data "aws_iam_policy_document" "this" {
 "ec2:DescribeTags",
 "ec2:GetCoipPoolUsage",
 "ec2:DescribeCoipPools",
+ "ec2:GetSecurityGroupsForVpc",
+ "elasticloadbalancing:DescribeListenerAttributes",
 "elasticloadbalancing:DescribeLoadBalancers",
 "elasticloadbalancing:DescribeLoadBalancerAttributes",
 "elasticloadbalancing:DescribeListeners",
@@ -237,6 +239,7 @@ data "aws_iam_policy_document" "this" {
 statement {
 effect = "Allow"
 actions = [
+ "elasticloadbalancing:ModifyListenerAttributes",
 "elasticloadbalancing:ModifyLoadBalancerAttributes",
 "elasticloadbalancing:SetIpAddressType",
 "elasticloadbalancing:SetSecurityGroups",
diff --git a/variables.tf b/variables.tf
index 8df17eb..d7cd266 100644
--- a/variables.tf
+++ b/variables.tf
@@ -22,7 +22,7 @@ variable "helm_chart_name" {
 variable "helm_chart_version" {
 type = string
- default = "1.7.0"
+ default = "1.10.1"
 description = "Version of the Helm chart"
 }
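Review bot: The reference comment in the `-5,7 +5,7` hunk of iam.tf now points at the v2.10.1 policy, but the `-38,6 +38,8` hunk adds only `ec2:GetSecurityGroupsForVpc` and `elasticloadbalancing:DescribeListenerAttributes`, and the visible lines do not show whether every other upstream change between the old and new reference is already reflected. Before merging I would compare the rendered policy document with the `iam_policy.json` at the tag named in the comment, so the role neither lacks an action the 1.10.1 chart needs nor keeps one that upstream has since narrowed. The neighbouring `#checkov:skip=CKV_AWS_356` still carries no reason, unlike the two skips above it; giving it the same justification, `#checkov:skip=CKV_AWS_356:The official documentation was used to define these policies`, keeps the suppression auditable. The statement's `resources` and the rest of the data block lie outside these hunks.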
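Review bot: `elasticloadbalancing:ModifyListenerAttributes` in the `-237,6 +239,7` hunk of iam.tf is a write action, and the hunk shows neither the `resources` nor any `condition` block of the statement it joins. As far as I can tell the upstream policy keeps this group of actions under a null-check on the `aws:ResourceTag/elbv2.k8s.aws/cluster` tag, so please confirm the statement here still carries that condition; without it the role could change listener attributes on load balancers the controller does not manage. A short comment above the list, for example `# write actions: keep under the elbv2.k8s.aws/cluster tag condition`, would make that dependency visible to the next editor. The statement continues outside the hunk.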
"finalizers": [
"resources-finalizer.argocd.argoproj.io"
]
}