New permissions needed for v5.29 not reflected to the Cloudformation template

[chanesteves]

Version

5.30

Operating System

Windows

Browser

Google Chrome

What are the steps to reproduce this bug?

1. Follow the steps in Attaching a Fine-Grained Policy
2. Create a new Webiny project v5.29 (or later). We're currently in version 5.30.
3. Follow the installation guide.
4. Deploy by running yarn webiny deploy --env {env name}

What is the expected behavior?

No permission error during deployment.

What do you see instead?

The following permission errors occurred: ...

• aws:cloudwatch:EventBus event-bus creating error: 1 error occurred:
• aws:cloudwatch:EventBus event-bus creating failed error: 1 error occurred: ... failed to register new resource event-bus [aws:cloudwatch/eventBus:EventBus]: Resource monitor is terminating ... failed to register new resource dynamo-to-elastic-lambda-role [aws:iam/role:Role]: Resource monitor is terminating ... aws:sqs:Queue (ps-render-queue): error: 1 error occurred: * failed creating SQS Queue (ps-render-queue-5313cd9.fifo): AccessDenied: Access to the resource https://sqs.us-east-1.amazonaws.com/ is denied. ...

Additional information

I managed to resolve some of the errors by adding the missing permissions to our AWS policy (one at a time).

Possible solution

Update the Cloudformation template

[chanesteves]

Hello, just following up for any updates in this issue.

[Pavel910]

@chanesteves not yet, but it's on the list. Would you like to work on a PR?