diff --git a/codebase-pipelines/tests/unit.tftest.hcl b/codebase-pipelines/tests/unit.tftest.hcl
index d43ea13d..6716fcce 100644
--- a/codebase-pipelines/tests/unit.tftest.hcl
+++ b/codebase-pipelines/tests/unit.tftest.hcl
@@ -778,6 +778,10 @@ run "test_iam_documents" {
     error_message = "Unexpected actions"
   }
 }
+  assert {
+    condition = one(data.aws_iam_policy_document.deploy_ssm_access.statement[0].resources) == "arn:aws:ssm:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:parameter/codebuild/slack_*"
+    error_message = "Unexpected resources"
+  }
 
 run "test_codebuild_deploy" {
   command = plan