From bce17b240f79121660d0a84ac0c161dd3806d3e6 Mon Sep 17 00:00:00 2001
From: Bryant Biggs <bryantbiggs@gmail.com>
Date: Wed, 10 Aug 2022 15:50:09 -0400
Subject: [PATCH] feat: Add additional permission for `karpenter` IAM policy
 added in v0.14.0 release (#264)

---
 .pre-commit-config.yaml                               | 2 +-
 modules/iam-role-for-service-accounts-eks/policies.tf | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 4ab192b2..727e21c0 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.72.2
+    rev: v1.74.1
     hooks:
       - id: terraform_fmt
       - id: terraform_validate
diff --git a/modules/iam-role-for-service-accounts-eks/policies.tf b/modules/iam-role-for-service-accounts-eks/policies.tf
index 1dabe2ea..e9960982 100644
--- a/modules/iam-role-for-service-accounts-eks/policies.tf
+++ b/modules/iam-role-for-service-accounts-eks/policies.tf
@@ -523,6 +523,7 @@ data "aws_iam_policy_document" "karpenter_controller" {
       "ec2:CreateFleet",
       "ec2:CreateTags",
       "ec2:DescribeLaunchTemplates",
+      "ec2:DescribeImages",
       "ec2:DescribeInstances",
       "ec2:DescribeSecurityGroups",
       "ec2:DescribeSubnets",