diff --git a/modules/snapshot/README.md b/modules/snapshot/README.md
index 4a81698..52777de 100644
--- a/modules/snapshot/README.md
+++ b/modules/snapshot/README.md
@@ -125,7 +125,7 @@ No modules.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
-| [action](#input\_action) | List of actions allowed by policy and periodically triggered. By default,
this list contains all policies which the lambda can act upon. You should
only override this list if you do not want to execute more actions as they
become available in future lambda upgrades. If you instead wish to extend
this list, or ignore a subset of actions, use \"include\" and \"exclude\". | `list(string)` |
[| no | +| [action](#input\_action) | List of actions allowed by policy and periodically triggered. By default,
"apigateway:Get*",
"autoscaling:Describe*",
"cloudformation:Describe*",
"cloudfront:List*",
"dynamodb:Describe*",
"dynamodb:List*",
"ec2:Describe*",
"ecs:Describe*",
"ecs:List*",
"eks:Describe*",
"eks:List*",
"elasticbeanstalk:Describe*",
"elasticache:Describe*",
"elasticfilesystem:Describe*",
"elasticloadbalancing:Describe*",
"elasticmapreduce:Describe*",
"elasticmapreduce:List*",
"events:List*",
"firehose:Describe*",
"firehose:List*",
"iam:Get*",
"iam:List*",
"kinesis:Describe*",
"kinesis:List*",
"kms:Describe*",
"kms:List*",
"lambda:List*",
"logs:Describe*",
"organizations:Describe*",
"organizations:List*",
"rds:Describe*",
"redshift:Describe*",
"route53:List*",
"s3:GetBucket*",
"s3:List*",
"secretsmanager:List*",
"sns:Get*",
"sns:List*",
"sqs:Get*",
"sqs:List*",
"synthetics:Describe*",
"synthetics:List*"
]
[| no | | [eventbridge\_name\_prefix](#input\_eventbridge\_name\_prefix) | Prefix used for eventbridge rule | `string` | `"observe-lambda-snapshot-"` | no | | [eventbridge\_schedule\_event\_bus\_name](#input\_eventbridge\_schedule\_event\_bus\_name) | Event Bus for EventBridge scheduled events | `string` | `"default"` | no | | [eventbridge\_schedule\_expression](#input\_eventbridge\_schedule\_expression) | Rate at which snapshot is triggered. Must be valid EventBridge expression | `string` | `"rate(3 hours)"` | no | diff --git a/modules/snapshot/variables.tf b/modules/snapshot/variables.tf index d6add4a..7d37acf 100644 --- a/modules/snapshot/variables.tf +++ b/modules/snapshot/variables.tf @@ -39,6 +39,7 @@ variable "action" { "apigateway:Get*", "autoscaling:Describe*", "cloudformation:Describe*", + "cloudformation:List*", "cloudfront:List*", "dynamodb:Describe*", "dynamodb:List*",
"apigateway:Get*",
"autoscaling:Describe*",
"cloudformation:Describe*",
"cloudformation:List*",
"cloudfront:List*",
"dynamodb:Describe*",
"dynamodb:List*",
"ec2:Describe*",
"ecs:Describe*",
"ecs:List*",
"eks:Describe*",
"eks:List*",
"elasticbeanstalk:Describe*",
"elasticache:Describe*",
"elasticfilesystem:Describe*",
"elasticloadbalancing:Describe*",
"elasticmapreduce:Describe*",
"elasticmapreduce:List*",
"events:List*",
"firehose:Describe*",
"firehose:List*",
"iam:Get*",
"iam:List*",
"kinesis:Describe*",
"kinesis:List*",
"kms:Describe*",
"kms:List*",
"lambda:List*",
"logs:Describe*",
"organizations:Describe*",
"organizations:List*",
"rds:Describe*",
"redshift:Describe*",
"route53:List*",
"s3:GetBucket*",
"s3:List*",
"secretsmanager:List*",
"sns:Get*",
"sns:List*",
"sqs:Get*",
"sqs:List*",
"synthetics:Describe*",
"synthetics:List*"
]