From f0b50691b666d2039df99ad780f659d0197c2e27 Mon Sep 17 00:00:00 2001
From: Viacheslav Vasilyev <avoidik@gmail.com>
Date: Thu, 10 Feb 2022 17:27:47 +0100
Subject: [PATCH] Update AWS IAM permissions for VPC connected Lambda function
 (#28789)

(cherry picked from commit cfc69fd80a4ba90061595d8c1cd2b305a42d66e8)
---
 x-pack/functionbeat/docs/iam-permissions.asciidoc | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/x-pack/functionbeat/docs/iam-permissions.asciidoc b/x-pack/functionbeat/docs/iam-permissions.asciidoc
index 9b09d4d9a4e0..293174071a8a 100644
--- a/x-pack/functionbeat/docs/iam-permissions.asciidoc
+++ b/x-pack/functionbeat/docs/iam-permissions.asciidoc
@@ -66,7 +66,10 @@ function that collects events from CloudWatch logs.
                 "s3:DeleteObject",
                 "s3:ListBucket",
                 "s3:PutObject",
-                "s3:GetObject"
+                "s3:GetObject",
+                "ec2:DescribeSecurityGroups",
+                "ec2:DescribeSubnets",
+                "ec2:DescribeVpcs"
             ],
             "Resource": "*"
         }
@@ -122,7 +125,10 @@ function that reads from SQS queues or Kinesis data streams.
                 "s3:DeleteObject",
                 "s3:ListBucket",
                 "s3:PutObject",
-                "s3:GetObject"
+                "s3:GetObject",
+                "ec2:DescribeSecurityGroups",
+                "ec2:DescribeSubnets",
+                "ec2:DescribeVpcs"
             ],
             "Resource": "*"
         }