From e0bb2a1042d5fe1bf9d7e04b800e0b76bac52c10 Mon Sep 17 00:00:00 2001
From: Chris Wilton-Magras <chriswilty@zoho.com>
Date: Wed, 25 Sep 2024 10:47:38 +0100
Subject: [PATCH] Add a confirmation step to pipeline for permissions
 broadening

---
 cloud/lib/pipeline-stack.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cloud/lib/pipeline-stack.ts b/cloud/lib/pipeline-stack.ts
index 2c2372b0..fd8a7ce1 100644
--- a/cloud/lib/pipeline-stack.ts
+++ b/cloud/lib/pipeline-stack.ts
@@ -6,6 +6,7 @@ import {
 	CodeBuildStep,
 	CodePipeline,
 	CodePipelineSource,
+	ConfirmPermissionsBroadening,
 	ShellStep,
 	Step,
 } from 'aws-cdk-lib/pipelines';
@@ -95,8 +96,7 @@ export class PipelineStack extends Stack {
 
 		// Pre-deployment quality checks
 		deployment.addPre(
-			// TODO Add a ConfirmPermissionsBroadening step:
-			// new ConfirmPermissionsBroadening('Check Permissions', { stage: appStage }),
+			new ConfirmPermissionsBroadening('Check Permissions', { stage: appStage }),
 			new CodeBuildStep('API-CodeChecks', {
 				input: sourceCode,
 				commands: [