Merge pull request tmobile#245 from sajeer-nooh/add_redshift_policy_a…

…utofix

Added redshift policies for autofix

installer/core/providers/aws/validate.py

@@ -115,7 +115,6 @@ def validate_user_policies(self):
         else:
             False
 
-
     def _check_group_policies(self, access_key, secret_key, user_name):
         """
         Check required policies are present in user-group policies or not. Required policies are kept in the settings AWS_POLICIES_REQUIRED

installer/custom/commands/redeploy.py

@@ -97,7 +97,6 @@ def re_deploy_pacbot(self, input_instance):
         self.run_pre_deployment_process(resources_to_process)
         self.run_real_deployment(input_instance, resources_to_process, terraform_with_targets)
 
-
     def run_pre_deployment_process(self, resources_to_process):
         """
         Before redeploy get started do predeployment activities

installer/resources/iam/all_read_role.py

@@ -71,7 +71,11 @@ class AllReadRoleAutoFixPolicyDocument(iam.IAMPolicyDocumentData):
                 "s3:ListBucketByTags",
                 "s3:PutBucketAcl",
                 "s3:PutBucketPolicy",
-                "s3:PutBucketTagging"
+                "s3:PutBucketTagging",
+                "redshift:AuthorizeClusterSecurityGroupIngress",
+                "redshift:CreateClusterSecurityGroup",
+                "redshift:CreateTags",
+                "redshift:ModifyCluster",
             ],
             'resources': ["*"],
             'effect': "Allow"