diff --git a/templates_cspm/CloudAgentlessRole.yaml b/templates_cspm/CloudAgentlessRole.yaml index d4e6b7f..1db8db6 100644 --- a/templates_cspm/CloudAgentlessRole.yaml +++ b/templates_cspm/CloudAgentlessRole.yaml @@ -63,7 +63,7 @@ Resources: - "arn:aws:waf-regional:*:*:rule/*" - "arn:aws:waf-regional:*:*:rulegroup/*" - Effect: "Allow" - Action: "account:GetContactInformation" + Action: "macie2:ListClassificationJobs" Resource: "*" Outputs: diff --git a/templates_cspm/OrgCloudAgentlessRole.yaml b/templates_cspm/OrgCloudAgentlessRole.yaml index 74b4f83..42767ba 100644 --- a/templates_cspm/OrgCloudAgentlessRole.yaml +++ b/templates_cspm/OrgCloudAgentlessRole.yaml @@ -65,7 +65,7 @@ Resources: - "arn:aws:waf-regional:*:*:rule/*" - "arn:aws:waf-regional:*:*:rulegroup/*" - Effect: "Allow" - Action: "account:GetContactInformation" + Action: "macie2:ListClassificationJobs" Resource: "*" RoleStackSet: Type: AWS::CloudFormation::StackSet @@ -136,5 +136,5 @@ Resources: - "arn:aws:waf-regional:*:*:rule/*" - "arn:aws:waf-regional:*:*:rulegroup/*" - Effect: "Allow" - Action: "account:GetContactInformation" + Action: "macie2:ListClassificationJobs" Resource: "*" diff --git a/templates_cspm_cloudlogs/FullInstall.yaml b/templates_cspm_cloudlogs/FullInstall.yaml index cb7c7ae..106e573 100644 --- a/templates_cspm_cloudlogs/FullInstall.yaml +++ b/templates_cspm_cloudlogs/FullInstall.yaml @@ -76,7 +76,7 @@ Resources: - "arn:aws:waf-regional:*:*:rule/*" - "arn:aws:waf-regional:*:*:rulegroup/*" - Effect: "Allow" - Action: "account:GetContactInformation" + Action: "macie2:ListClassificationJobs" Resource: "*" CloudLogsRole: Type: "AWS::IAM::Role" diff --git a/templates_cspm_cloudlogs/OrgFullInstall.yaml b/templates_cspm_cloudlogs/OrgFullInstall.yaml index 117771a..c39b589 100644 --- a/templates_cspm_cloudlogs/OrgFullInstall.yaml +++ b/templates_cspm_cloudlogs/OrgFullInstall.yaml @@ -81,7 +81,7 @@ Resources: - "arn:aws:waf-regional:*:*:rule/*" - "arn:aws:waf-regional:*:*:rulegroup/*" - Effect: "Allow" - Action: "account:GetContactInformation" + Action: "macie2:ListClassificationJobs" Resource: "*" CloudLogsRole: Type: "AWS::IAM::Role" @@ -190,5 +190,5 @@ Resources: - "arn:aws:waf-regional:*:*:rule/*" - "arn:aws:waf-regional:*:*:rulegroup/*" - Effect: "Allow" - Action: "account:GetContactInformation" + Action: "macie2:ListClassificationJobs" Resource: "*" diff --git a/templates_cspm_eventbridge/FullInstall.yaml b/templates_cspm_eventbridge/FullInstall.yaml index 88a3ca5..aca0319 100644 --- a/templates_cspm_eventbridge/FullInstall.yaml +++ b/templates_cspm_eventbridge/FullInstall.yaml @@ -88,7 +88,7 @@ Resources: - "arn:aws:waf-regional:*:*:rule/*" - "arn:aws:waf-regional:*:*:rulegroup/*" - Effect: "Allow" - Action: "account:GetContactInformation" + Action: "macie2:ListClassificationJobs" Resource: "*" EventBridgeRole: Type: AWS::IAM::Role diff --git a/templates_cspm_eventbridge/OrgFullInstall.yaml b/templates_cspm_eventbridge/OrgFullInstall.yaml index e8c78a0..e459bb4 100644 --- a/templates_cspm_eventbridge/OrgFullInstall.yaml +++ b/templates_cspm_eventbridge/OrgFullInstall.yaml @@ -132,7 +132,7 @@ Resources: - "arn:aws:waf-regional:*:*:rule/*" - "arn:aws:waf-regional:*:*:rulegroup/*" - Effect: "Allow" - Action: "account:GetContactInformation" + Action: "macie2:ListClassificationJobs" Resource: "*" EventBridgeRole: Type: AWS::IAM::Role @@ -245,7 +245,7 @@ Resources: - "arn:aws:waf-regional:*:*:rule/*" - "arn:aws:waf-regional:*:*:rulegroup/*" - Effect: "Allow" - Action: "account:GetContactInformation" + Action: "macie2:ListClassificationJobs" Resource: "*" EventBridgeRole: Type: AWS::IAM::Role