Update main.tf

babbel · Aug 22, 2022 · e7d63a0 · e7d63a0
1 parent c52809c
commit e7d63a0
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/main.tf b/main.tf
@@ -164,11 +164,11 @@ data "aws_iam_policy_document" "vpc" {
   }
 
   statement {
-    actions = ["ec2:DeleteNetworkInterface"]
-
-    resources = [
-      "arn:${data.aws_partition.current[local.vpc_config_key].partition}:ec2:${data.aws_region.current[local.vpc_config_key].name}:${data.aws_caller_identity.current[local.vpc_config_key].account_id}:network-interface/*",
-    ]
+    # It is not possible to restrict this permissions because the Lambda runtime
+    # is making a DryRun call to this action without any request parameters
+    # before actually creating the Lambda function.
+    actions   = ["ec2:DeleteNetworkInterface"]
+    resources = ["*"]
   }
 }