From e0de8aba743c70db0f48195b29d7bf2d040da053 Mon Sep 17 00:00:00 2001
From: Shweta <216860557+shweta-nhs@users.noreply.github.com>
Date: Fri, 16 Jan 2026 15:46:01 +0000
Subject: [PATCH] ELI-597: Adds update state machine permission

---
 .../stacks/iams-developer-roles/github_actions_policies.tf     | 3 ++-
 .../stacks/iams-developer-roles/iams_permissions_boundary.tf   | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/infrastructure/stacks/iams-developer-roles/github_actions_policies.tf b/infrastructure/stacks/iams-developer-roles/github_actions_policies.tf
index ea0105a3..c3d70b92 100644
--- a/infrastructure/stacks/iams-developer-roles/github_actions_policies.tf
+++ b/infrastructure/stacks/iams-developer-roles/github_actions_policies.tf
@@ -433,7 +433,8 @@ resource "aws_iam_policy" "api_infrastructure" {
           "states:ListTagsForResource",
           "states:ValidateStateMachineDefinition",
           "states:CreateStateMachine",
-          "states:TagResource"
+          "states:TagResource",
+          "states:UpdateStateMachine",
         ],
 
 
diff --git a/infrastructure/stacks/iams-developer-roles/iams_permissions_boundary.tf b/infrastructure/stacks/iams-developer-roles/iams_permissions_boundary.tf
index 8de082b7..4f4b6551 100644
--- a/infrastructure/stacks/iams-developer-roles/iams_permissions_boundary.tf
+++ b/infrastructure/stacks/iams-developer-roles/iams_permissions_boundary.tf
@@ -218,7 +218,8 @@ data "aws_iam_policy_document" "permissions_boundary" {
       "states:ListTagsForResource",
       "states:ValidateStateMachineDefinition",
       "states:CreateStateMachine",
-      "states:TagResource"
+      "states:TagResource",
+      "states:UpdateStateMachine",
     ]
 
     resources = ["*"]