From 4eeb0dbf928060d770b617bff341a0d766e483f9 Mon Sep 17 00:00:00 2001
From: Andrew Pearce <andrew.pearce@digital.justice.gov.uk>
Date: Wed, 4 Dec 2024 10:20:00 +0000
Subject: [PATCH] restore iam

---
 terraform/account/kms_key_event_received_sqs.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/terraform/account/kms_key_event_received_sqs.tf b/terraform/account/kms_key_event_received_sqs.tf
index 73bc1ee0ef..1c4a71f2b3 100644
--- a/terraform/account/kms_key_event_received_sqs.tf
+++ b/terraform/account/kms_key_event_received_sqs.tf
@@ -55,7 +55,7 @@ data "aws_iam_policy_document" "event_received_sqs_kms" {
     principals {
       type = "AWS"
       identifiers = [
-        "events.amazonaws.com",
+        local.account.account_name == "development" ? "arn:aws:iam::${data.aws_caller_identity.global.account_id}:root" : "arn:aws:iam::${data.aws_caller_identity.global.account_id}:role/event-received-${local.account.account_name}",
       ]
     }
   }