From 39b47131baa65ef10f919280c8b3b1d103c0262e Mon Sep 17 00:00:00 2001
From: Radon Rosborough <radon.neon@gmail.com>
Date: Sat, 10 Jul 2021 18:50:10 +0000
Subject: [PATCH] More IAM

---
 tf/iam.tf | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/tf/iam.tf b/tf/iam.tf
index 2afedab..95ce71e 100644
--- a/tf/iam.tf
+++ b/tf/iam.tf
@@ -19,9 +19,23 @@ data "aws_iam_policy_document" "deploy" {
     ]
   }
 
+  statement {
+    actions = [
+      "ecr:DescribeRegistry",
+    ]
+
+    resources = [
+      "*",
+    ]
+  }
+
   statement {
     actions = [
       "ecr:BatchGetImage",
+      "ecr:BatchCheckLayerAvailability",
+      "ecr:DescribeImages",
+      "ecr:DescribeRepositories",
+      "ecr:GetDownloadUrlForLayer",
       "ecr:ListImages",
     ]