remove app client from rbac decls

hackforla · Oct 8, 2024 · ad28bcf · ad28bcf
1 parent 53980c4
commit ad28bcf
Showing 1 changed file with 2 additions and 8 deletions.
diff --git a/terraform-incubator/home-unite-us/dev/iam.tf b/terraform-incubator/home-unite-us/dev/iam.tf
@@ -92,18 +92,12 @@ resource "aws_iam_policy" "homeuniteus_manage_ecr" {
             "mobiletargeting:GetApps",
             "acm:ListCertificates"
           ],
-          Resource = [
-            aws_cognito_user_pool.homeuniteus.arn,
-            aws_cognito_user_pool_client.homeuniteus.arn
-          ]
+          Resource = aws_cognito_user_pool.homeuniteus.arn
         },
         {
           Effect = "Allow",
           Action = "iam:CreateServiceLinkedRole",
-          Resource = [
-            aws_cognito_user_pool.homeuniteus.arn,
-            aws_cognito_user_pool_client.homeuniteus.arn
-          ],
+          Resource = aws_cognito_user_pool.homeuniteus.arn,
           Condition = {
             StringEquals = {
               "iam:AWSServiceName" = [