From 84da37c2b39ea4f9fe172f6f27393e78833be667 Mon Sep 17 00:00:00 2001
From: James Stott <158563996+jamesstottmoj@users.noreply.github.com>
Date: Wed, 11 Dec 2024 16:36:35 +0000
Subject: [PATCH] Added statement to allow control panel to write CSV to
 feedback bucket (#6275)

* Added statement to allow control panel to write CSV to feedback bucket

* changed resource name
---
 .../cluster/iam-policies.tf                            | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/terraform/aws/analytical-platform-development/cluster/iam-policies.tf b/terraform/aws/analytical-platform-development/cluster/iam-policies.tf
index 56c7e798cf..2e466930a4 100644
--- a/terraform/aws/analytical-platform-development/cluster/iam-policies.tf
+++ b/terraform/aws/analytical-platform-development/cluster/iam-policies.tf
@@ -534,6 +534,16 @@ data "aws_iam_policy_document" "control_panel_api" {
       "arn:aws:iam::${var.account_ids["analytical-platform-compute-test"]}:role/analytical-platform-control-panel"
     ]
   }
+  statement {
+    sid    = "WriteToFeedbackBucket"
+    effect = "Allow"
+    actions = [
+      "s3:PutObject"
+    ]
+    resources = [
+      "arn:aws:s3:::${var.resource_prefix}-ap-feedback/*"
+    ]
+  }
 }
 
 resource "aws_iam_policy" "control_panel_api" {