From 2747665af5fb4b1c30a98a0283864585f1b0a540 Mon Sep 17 00:00:00 2001
From: Chris Kalafarski <chris@farski.com>
Date: Fri, 19 Apr 2024 11:34:24 -0400
Subject: [PATCH] Add necessary SAM S3 permissions

---
 devops/aws-management/github-oidc-role.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/devops/aws-management/github-oidc-role.yml b/devops/aws-management/github-oidc-role.yml
index 108145afb..2d777e04f 100644
--- a/devops/aws-management/github-oidc-role.yml
+++ b/devops/aws-management/github-oidc-role.yml
@@ -366,6 +366,8 @@ Resources:
         Statement:
           - Action:
               # Allows AWS SAM CLI to upload to default managed S3 buckets
+              - s3:Get*
+              - s3:List*
               - s3:PutObject
             Effect: Allow
             Resource: arn:aws:s3:::aws-sam-cli-managed-default-samclisourcebucket*/*