From 2eeed04d08a5a1ed7b5a9adac8ca430972bb7d2f Mon Sep 17 00:00:00 2001
From: William Orr <william.orr@digital.justice.gov.uk>
Date: Fri, 19 Jan 2024 16:08:14 +0000
Subject: [PATCH] add athena:ListNamedQueries permission

---
 examples/iam_policy.json                      | 1 +
 iam_builder/templates.py                      | 1 +
 tests/expected_policy/all_config.json         | 1 +
 tests/expected_policy/athena_full_access.json | 1 +
 tests/expected_policy/athena_read_only.json   | 1 +
 tests/expected_policy/athena_two_dumps.json   | 1 +
 6 files changed, 6 insertions(+)

diff --git a/examples/iam_policy.json b/examples/iam_policy.json
index 2a61f5e..366870b 100644
--- a/examples/iam_policy.json
+++ b/examples/iam_policy.json
@@ -68,6 +68,7 @@
                 "athena:GetQueryResultsStream",
                 "athena:GetWorkGroup",
                 "athena:ListNamedQueries",
+                "athena:ListQueryExecutions",
                 "athena:ListWorkGroups",
                 "athena:StartQueryExecution",
                 "athena:StopQueryExecution",
diff --git a/iam_builder/templates.py b/iam_builder/templates.py
index 78c7396..f8c32f3 100755
--- a/iam_builder/templates.py
+++ b/iam_builder/templates.py
@@ -194,6 +194,7 @@ def get_athena_read_access(dump_bucket: list) -> dict:
                     "athena:GetQueryResultsStream",
                     "athena:GetWorkGroup",
                     "athena:ListNamedQueries",
+                    "athena:ListQueryExecutions",
                     "athena:ListWorkGroups",
                     "athena:StartQueryExecution",
                     "athena:StopQueryExecution",
diff --git a/tests/expected_policy/all_config.json b/tests/expected_policy/all_config.json
index a117538..dc0a398 100644
--- a/tests/expected_policy/all_config.json
+++ b/tests/expected_policy/all_config.json
@@ -68,6 +68,7 @@
                 "athena:GetQueryResultsStream",
                 "athena:GetWorkGroup",
                 "athena:ListNamedQueries",
+                "athena:ListQueryExecutions",
                 "athena:ListWorkGroups",
                 "athena:StartQueryExecution",
                 "athena:StopQueryExecution",
diff --git a/tests/expected_policy/athena_full_access.json b/tests/expected_policy/athena_full_access.json
index 97183db..fda89f9 100644
--- a/tests/expected_policy/athena_full_access.json
+++ b/tests/expected_policy/athena_full_access.json
@@ -68,6 +68,7 @@
                 "athena:GetQueryResultsStream",
                 "athena:GetWorkGroup",
                 "athena:ListNamedQueries",
+                "athena:ListQueryExecutions",
                 "athena:ListWorkGroups",
                 "athena:StartQueryExecution",
                 "athena:StopQueryExecution",
diff --git a/tests/expected_policy/athena_read_only.json b/tests/expected_policy/athena_read_only.json
index ffd4ad4..4073138 100644
--- a/tests/expected_policy/athena_read_only.json
+++ b/tests/expected_policy/athena_read_only.json
@@ -68,6 +68,7 @@
                 "athena:GetQueryResultsStream",
                 "athena:GetWorkGroup",
                 "athena:ListNamedQueries",
+                "athena:ListQueryExecutions",
                 "athena:ListWorkGroups",
                 "athena:StartQueryExecution",
                 "athena:StopQueryExecution",
diff --git a/tests/expected_policy/athena_two_dumps.json b/tests/expected_policy/athena_two_dumps.json
index 06f7d8a..062b57c 100644
--- a/tests/expected_policy/athena_two_dumps.json
+++ b/tests/expected_policy/athena_two_dumps.json
@@ -70,6 +70,7 @@
                 "athena:GetQueryResultsStream",
                 "athena:GetWorkGroup",
                 "athena:ListNamedQueries",
+                "athena:ListQueryExecutions",
                 "athena:ListWorkGroups",
                 "athena:StartQueryExecution",
                 "athena:StopQueryExecution",