From 91993b853d365d6879824a1a9467fc16ec7fb5e8 Mon Sep 17 00:00:00 2001
From: blanchardma <marc.blanchard@post.ch>
Date: Fri, 5 May 2023 16:17:27 +0200
Subject: [PATCH] fix: Remove unnecessary IAM permission for cluster autoscaler

---
 modules/iam-role-for-service-accounts-eks/policies.tf | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/modules/iam-role-for-service-accounts-eks/policies.tf b/modules/iam-role-for-service-accounts-eks/policies.tf
index f0a5ed6f..79196728 100644
--- a/modules/iam-role-for-service-accounts-eks/policies.tf
+++ b/modules/iam-role-for-service-accounts-eks/policies.tf
@@ -74,8 +74,7 @@ data "aws_iam_policy_document" "cluster_autoscaler" {
     content {
       actions = [
         "autoscaling:SetDesiredCapacity",
-        "autoscaling:TerminateInstanceInAutoScalingGroup",
-        "autoscaling:UpdateAutoScalingGroup",
+        "autoscaling:TerminateInstanceInAutoScalingGroup"
       ]
 
       resources = ["*"]