From c05a5cab19a258e526bbca65140e0c49b6fc76ad Mon Sep 17 00:00:00 2001
From: Dave Liggat <dliggat@amazon.com>
Date: Fri, 21 Aug 2020 11:41:48 -0700
Subject: [PATCH] Updating reference SCPs to exclude NetworkManager from Region
 Restriction

---
 .../SCPs/PBMMAccel-Guardrails-PBMM-Only.json             | 9 ++++++++-
 .../SCPs/PBMMAccel-Guardrails-Unclass-Only.json          | 1 +
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/reference-artifacts/SCPs/PBMMAccel-Guardrails-PBMM-Only.json b/reference-artifacts/SCPs/PBMMAccel-Guardrails-PBMM-Only.json
index c799b7734..3d157c6ee 100644
--- a/reference-artifacts/SCPs/PBMMAccel-Guardrails-PBMM-Only.json
+++ b/reference-artifacts/SCPs/PBMMAccel-Guardrails-PBMM-Only.json
@@ -40,7 +40,13 @@
         "iam:AddUserToGroup",
         "iam:UpdateAccountPasswordPolicy",
         "iam:DeleteAccountPasswordPolicy",
-        "iam:TagUser"
+        "iam:TagUser",
+        "networkmanager:Create*",
+        "networkmanager:Update*",
+        "networkmanager:Associate*",
+        "networkmanager:Disassociate*",
+        "networkmanager:Register*",
+        "networkmanager:Deregister*"
       ],
       "Resource": "*",
       "Condition": {
@@ -99,6 +105,7 @@
         "importexport:*",
         "kms:*",
         "mobileanalytics:*",
+        "networkmanager:*",
         "organizations:*",
         "pricing:*",
         "route53:*",
diff --git a/reference-artifacts/SCPs/PBMMAccel-Guardrails-Unclass-Only.json b/reference-artifacts/SCPs/PBMMAccel-Guardrails-Unclass-Only.json
index 81012b14f..b613bc5a8 100644
--- a/reference-artifacts/SCPs/PBMMAccel-Guardrails-Unclass-Only.json
+++ b/reference-artifacts/SCPs/PBMMAccel-Guardrails-Unclass-Only.json
@@ -48,6 +48,7 @@
         "iam:*",
         "importexport:*",
         "mobileanalytics:*",
+        "networkmanager:*",
         "organizations:*",
         "pricing:*",
         "route53:*",