buildkite / lifecycled

A daemon for responding to AWS AutoScaling Lifecycle Hooks
MIT License

lifecycled-queue-cleaner needs configuration #90

Open cole-h opened 3 years ago

cole-h commented 3 years ago

When testing lifecycled-queue-cleaner, I was running into the following error message:

Mar 02 19:05:21 lolhi lifecycled-queue-cleaner[11680]: 2021/03/02 19:05:21 AuthorizationError: User: arn:aws:sts::000000000000:assumed-role/lawsserver00000000000000000000000000/i-00000000000000000 is not authorized to perform: SNS:ListSubscriptions on resource: arn:aws:sns:us-east-1:000000000000:*

Applying the following terraform config allowed it to work:

# Data sources referenced by the policy document below (assumed to be declared
# elsewhere in the author's configuration; included here so the block stands alone)
data "aws_region" "current" {}
data "aws_caller_identity" "current" {}

data "aws_iam_policy_document" "cleaner" {
  # Discovery calls; these three actions do not support resource-level ARNs,
  # so they have to be granted on "*"
  statement {
    effect = "Allow"

    actions = [
      "sns:ListSubscriptions",
      "ec2:DescribeInstances",
      "sqs:ListQueues",
    ]

    resources = ["*"]
  }

  # Full SQS access, scoped to the queues lifecycled creates
  statement {
    effect = "Allow"

    actions = ["sqs:*"]

    resources = [
      "arn:aws:sqs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:lifecycled-*",
    ]
  }
}

Should this be documented somewhere? (Or, is it already and I just missed it?)
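As an added example (not code from lifecycled or from this issue), a small Python check that evaluates the JSON equivalent of the policy above against the call named in the error message and reports which Allow statements use a wildcard action; the account id and region are the placeholder values from the issue, and the evaluation is simplified (no conditions, NotAction or NotResource).

```python
"""Simplified IAM evaluation of the JSON form of the policy above.

Added example, not code from lifecycled or the issue. Account id and region
are the placeholder values from the issue's error message.
"""
import fnmatch
import json

POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow",
     "Action": ["sns:ListSubscriptions", "ec2:DescribeInstances", "sqs:ListQueues"],
     "Resource": "*"},
    {"Effect": "Allow",
     "Action": ["sqs:*"],
     "Resource": ["arn:aws:sqs:us-east-1:000000000000:lifecycled-*"]}
  ]
}""")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def allows(policy, action, resource):
    """Explicit Deny wins; otherwise any matching Allow grants the call.
    Actions match case-insensitively with IAM's '*' / '?' wildcards.
    Conditions, NotAction/NotResource and principals are not modelled."""
    decision = False
    for stmt in policy["Statement"]:
        action_hit = any(fnmatch.fnmatchcase(action.lower(), pat.lower())
                         for pat in _as_list(stmt.get("Action", [])))
        resource_hit = any(fnmatch.fnmatchcase(resource, pat)
                           for pat in _as_list(stmt.get("Resource", [])))
        if action_hit and resource_hit:
            if stmt["Effect"] == "Deny":
                return False
            decision = True
    return decision


def broad_grants(policy):
    """(action, resource) pairs where an Allow statement uses a wildcard action,
    i.e. grants more than the operator can name (here: 'sqs:*')."""
    return [(act, res)
            for stmt in policy["Statement"] if stmt["Effect"] == "Allow"
            for act in _as_list(stmt["Action"]) if "*" in act
            for res in _as_list(stmt["Resource"])]
```

Running `allows` with the action and resource from the log line shows the policy now permits the call that was failing, while `broad_grants` points at the one statement worth narrowing once the exact SQS calls the cleaner makes are known.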