From 8317af9b897608ade6e34269ed6f1914e3e1d844 Mon Sep 17 00:00:00 2001
From: Ivan Sukhomlyn <ivan.sukhomlyn@ringteam.com>
Date: Tue, 9 Jun 2020 23:48:22 +0300
Subject: [PATCH] improvement: add ec2:DescribeInternetGateways perms to
 cluster IAM role

---
 cluster.tf | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cluster.tf b/cluster.tf
index acb49e13f9..cb1a76cf09 100644
--- a/cluster.tf
+++ b/cluster.tf
@@ -141,7 +141,10 @@ data "aws_iam_policy_document" "cluster_elb_sl_role_creation" {
 
   statement {
     effect    = "Allow"
-    actions   = ["ec2:DescribeAccountAttributes"]
+    actions   = [
+      "ec2:DescribeAccountAttributes",
+      "ec2:DescribeInternetGateways"
+    ]
     resources = ["*"]
   }
 }