fix: create statement for listsecrets in secrets manager iam policy (#…
stemurray authored Nov 27, 2021
1 parent c9878bb commit 2c9dc83
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion modules/cluster/irsa.tf
Expand Up @@ -392,7 +392,6 @@ data "aws_iam_policy_document" "secrets-manager-policy" {
"secretsmanager:GetResourcePolicy",
"secretsmanager:GetSecretValue",
"secretsmanager:ListSecretVersionIds",
"secretsmanager:ListSecrets",
"secretsmanager:PutSecretValue",
"secretsmanager:UpdateSecret",
]
Expand All @@ -402,6 +401,15 @@ data "aws_iam_policy_document" "secrets-manager-policy" {
"arn:${data.aws_partition.current.partition}:secretsmanager:${var.region}:${local.project}:secret:secret/data/nexus/*"
]
}
statement {
effect = "Allow"
actions = [
"secretsmanager:ListSecrets",
]
resources = [
"*",
]
}
}
resource "aws_iam_policy" "secrets-manager" {
count = var.create_asm_role ? 1 : 0
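Review bot: The new statement at the end of `secrets-manager-policy` grants `secretsmanager:ListSecrets` on `"*"` without saying why. A bare wildcard resource is what policy linters and later clean-ups tend to "tighten", and scoping it back to the secret ARNs would reintroduce the failure this commit fixes. ListSecrets does not support resource-level permissions, so I would record that in place with `# ListSecrets has no resource-level permissions; it must be granted on "*"` above the statement, and add `sid = "ListSecrets"` so the statement is identifiable in access reviews. The grant also lets the role enumerate names, descriptions and tags of every secret in the account and region, not only the paths listed in the first statement, so it is worth confirming the consumer needs enumeration and that secret metadata holds nothing sensitive. The data block begins above the hunk, so any other statements in it are not visible here.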
