From 9e1939d7b253d4bb35d51c6e2435b869ff3d496f Mon Sep 17 00:00:00 2001
From: Jonathan Innis <joinnis@amazon.com>
Date: Tue, 17 Oct 2023 00:08:39 -0700
Subject: [PATCH] Add eks:UpdateClusterConfig permission

---
 .github/actions/e2e/create-cluster/action.yaml | 2 ++
 test/cloudformation/iam_cloudformation.yaml    | 1 +
 2 files changed, 3 insertions(+)

diff --git a/.github/actions/e2e/create-cluster/action.yaml b/.github/actions/e2e/create-cluster/action.yaml
index 0ddafc10c839..1d1586a46ae2 100644
--- a/.github/actions/e2e/create-cluster/action.yaml
+++ b/.github/actions/e2e/create-cluster/action.yaml
@@ -169,6 +169,8 @@ runs:
         --region ${{ inputs.region }} \
         --name ${{ inputs.cluster_name }} \
         --logging '{"clusterLogging":[{"types":["api","audit","authenticator","controllerManager","scheduler"],"enabled":true}]}'
+      
+      aws logs put-retention-policy --log-group-name "/aws/eks/${{ inputs.cluster_name }}/cluster" --retention-in-days 30
   - name: give KarpenterNodeRole permission to bootstrap
     shell: bash
     run: |
diff --git a/test/cloudformation/iam_cloudformation.yaml b/test/cloudformation/iam_cloudformation.yaml
index cb8a8c7a4c03..94fdaf110ec9 100644
--- a/test/cloudformation/iam_cloudformation.yaml
+++ b/test/cloudformation/iam_cloudformation.yaml
@@ -144,6 +144,7 @@ Resources:
               - eks:CreateCluster
               - eks:CreateAddon
               - eks:CreateNodegroup
+              - eks:UpdateClusterConfig
               - eks:DeleteCluster
               - eks:ListFargateProfiles
               - eks:TagResource