provectus · mhernahapetyan · Jul 8, 2022 · Jul 8, 2022 · Jul 8, 2022 · Jul 8, 2022
diff --git a/.github/workflows/reviewdog.yaml b/.github/workflows/reviewdog.yaml
@@ -1,13 +1,21 @@
 name: reviewdog
 on:
+  push:
+    branches:
+      - master
   pull_request:
+    types: [opened, reopened]
     paths:
     - '**.tf'
     - '**.tfvars'
     - '**.tfvars.json'
 env:
   TERRAFORM_VERSION: "1.0.6"
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
 
   tflint:
@@ -43,3 +51,5 @@ jobs:
           filter_mode: "nofilter" # Optional. Check all files, not just the diff
           level: info
           flags: "--module" # Optional. Add custom tflint flags
+
+
diff --git a/.github/workflows/tfsec.yaml b/.github/workflows/tfsec.yaml
@@ -0,0 +1,20 @@
+name: tfsec
+on:
+  pull_request:
+    types: [opened, reopened]
+env:
+  TERRAFORM_VERSION: "1.0.6"
+
+jobs:
+  tfsec:
+      name: runner /tfsec
+      runs-on: ubuntu-latest
+
+      steps:
+        - name: Clone repo
+          uses: actions/checkout@master
+        - name: tfsec
+          uses: aquasecurity/[email protected]
+          id  : test
+
+
diff --git a/main.tf b/main.tf
@@ -100,11 +100,6 @@ resource "aws_iam_policy" "this" {
     {
       Version = "2012-10-17",
       Statement = [
-        {
-          Effect   = "Allow",
-          Action   = "route53:GetChange",
-          Resource = "arn:aws:route53:::change/*"
-        },
         {
           Effect = "Allow",
           Action = [