From bc80ece0bacf61503c49177ad3f1b324b7b1888d Mon Sep 17 00:00:00 2001
From: Jingjing Zhang
Date: Wed, 2 Oct 2024 10:45:13 -0700
Subject: [PATCH 1/3] addApiGatewayPermission

---
 main.tf | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/main.tf b/main.tf
index f6cb164..5bc5f3b 100644
--- a/main.tf
+++ b/main.tf
@@ -98,7 +98,14 @@ data "aws_iam_policy_document" "lacework_audit_policy" {
 statement {
 sid = "APIGATEWAY"
 actions = ["apigateway:GET"]
- resources = ["arn:aws:apigateway:*::/apikeys", "arn:aws:apigateway:*::/apikeys/*"]
+ resources = ["arn:aws:apigateway:*::/apikeys",
+ "arn:aws:apigateway:*::/apikeys/*",
+ "arn:aws:apigateway:*::/domainnames/*/basepathmappings",
+ "arn:aws:apigateway:*::/domainnames/*/basepathmappings/*",
+ "arn:aws:apigateway:*::/usageplans",
+ "arn:aws:apigateway:*::/usageplans/*",
+ "arn:aws:apigateway:*::/restapis/*/stages/*/sdks",
+ "arn:aws:apigateway:*::/restapis/*/stages/*/sdks/*"]
 }
 
 statement {
From 2531c27f023b59bf63b71f7bb6df96530e2c9183 Mon Sep 17 00:00:00 2001
From: Jingjing Zhang
Date: Thu, 3 Oct 2024 10:29:26 -0700
Subject: [PATCH 2/3] fixSdkTypes

---
 main.tf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/main.tf b/main.tf
index 5bc5f3b..fa7d090 100644
--- a/main.tf
+++ b/main.tf
@@ -104,8 +104,9 @@ data "aws_iam_policy_document" "lacework_audit_policy" {
 "arn:aws:apigateway:*::/domainnames/*/basepathmappings/*",
 "arn:aws:apigateway:*::/usageplans",
 "arn:aws:apigateway:*::/usageplans/*",
- "arn:aws:apigateway:*::/restapis/*/stages/*/sdks",
- "arn:aws:apigateway:*::/restapis/*/stages/*/sdks/*"]
+ "arn:aws:apigateway:*::/sdktypes",
+ "arn:aws:apigateway:*::/sdktypes/*"
+ ]
 }
 
 statement {
From b7ccdd0876478f7085f1f3f167dbc2abfecc9702 Mon Sep 17 00:00:00 2001
From: Jingjing Zhang
Date: Thu, 3 Oct 2024 10:52:30 -0700
Subject: [PATCH 3/3] domainnames

---
 main.tf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/main.tf b/main.tf
index fa7d090..64817b3 100644
--- a/main.tf
+++ b/main.tf
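Review bot: In PATCH 1/3 the new `arn:aws:apigateway:*::/usageplans/*` entry is broader than it reads, because `*` in an IAM resource ARN also matches `/`: it covers `/usageplans/<id>/keys` and `/usageplans/<id>/keys/<keyId>` as well as the plan itself. Those sub-resources describe the API keys attached to a plan, and the usage-plan-key representation appears to carry a `value` field, so the audit role can likely read key material through this path in addition to the existing `/apikeys/*` grant; confirm that this is intended for a read-only audit integration. If it is, record it next to the list with a comment such as `# IAM "*" spans "/": /usageplans/* also grants GET on /usageplans/<id>/keys`. The APIGATEWAY statement is fully visible in the hunk, but the enclosing `data` block starts and ends outside it.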
@@ -100,6 +100,7 @@ data "aws_iam_policy_document" "lacework_audit_policy" {
 actions = ["apigateway:GET"]
 resources = ["arn:aws:apigateway:*::/apikeys",
 "arn:aws:apigateway:*::/apikeys/*",
+ "arn:aws:apigateway:*::/domainnames/*",
 "arn:aws:apigateway:*::/domainnames/*/basepathmappings",
 "arn:aws:apigateway:*::/domainnames/*/basepathmappings/*",
 "arn:aws:apigateway:*::/usageplans",
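Review bot: The added `arn:aws:apigateway:*::/domainnames/*` already matches the two `/domainnames/*/basepathmappings` entries that follow it, since `*` in an IAM resource ARN also matches `/`, so those lines are now redundant and the effective grant is GET on every sub-resource under a custom domain name. Either drop the two narrower entries or keep them and say why, e.g. `# /domainnames/* subsumes the basepathmappings paths below; kept for readability`. Unlike `/apikeys`, `/usageplans` and `/sdktypes`, the bare collection path `/domainnames` is not listed; if the collector enumerates domain names through this policy rather than another attached one, that call would presumably be denied. The resources list and the enclosing `data` block both run past this hunk.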