[FEATURE] AWSSystemsManagerDefaultEC2InstanceManagementRoleCustom - Additional Permissions #312
Description
Is your feature request related to a problem? Please describe
The AWSSystemsManagerDefaultEC2InstanceManagementRoleCustom iam role that comes from sra is configured as default host configuration management automatically by sra.
Currently some of our Documents fail to be executed because they require to read SSM parameters but the ssm:GetParameter(s) permission is missing for the role.
Describe the solution you'd like
I would like to have extra permissions for the role to be able to get Parameters from SSM Parameter Store. For now we have to live with a workaround by deploying a lambda that adds this permission
Thanks in Advance
Heiko