fix: Add missing ec2:DescribeSecurityGroups IPv4 VPC CNI IRSA permissions (#646)

Author: pedro-ardoq

modules/iam-role-for-service-accounts/policies.tf

@@ -1088,6 +1088,7 @@ data "aws_iam_policy_document" "vpc_cni" {
         "ec2:DescribeNetworkInterfaces",
         "ec2:DescribeInstanceTypes",
         "ec2:DescribeSubnets",
+        "ec2:DescribeSecurityGroups",
         "ec2:DetachNetworkInterface",
         "ec2:ModifyNetworkInterfaceAttribute",
         "ec2:UnassignPrivateIpAddresses"