diff --git a/modules/cluster/irsa.tf b/modules/cluster/irsa.tf
index 1c7d514..8d23cb4 100644
--- a/modules/cluster/irsa.tf
+++ b/modules/cluster/irsa.tf
@@ -392,7 +392,6 @@ data "aws_iam_policy_document" "secrets-manager-policy" {
 "secretsmanager:GetResourcePolicy",
 "secretsmanager:GetSecretValue",
 "secretsmanager:ListSecretVersionIds",
- "secretsmanager:ListSecrets",
 "secretsmanager:PutSecretValue",
 "secretsmanager:UpdateSecret",
 ]
@@ -402,6 +401,15 @@ data "aws_iam_policy_document" "secrets-manager-policy" {
 "arn:${data.aws_partition.current.partition}:secretsmanager:${var.region}:${local.project}:secret:secret/data/nexus/*"
 ]
 }
+ statement {
+ effect = "Allow"
+ actions = [
+ "secretsmanager:ListSecrets",
+ ]
+ resources = [
+ "*",
+ ]
+ }
 }
 resource "aws_iam_policy" "secrets-manager" {
 count = var.create_asm_role ? 1 : 0
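Review bot: The new statement in the second hunk grants `secretsmanager:ListSecrets` on `"*"` with no `sid` or comment, so a later least-privilege audit or a wildcard-resource lint could read it as over-broad and re-scope it, which would make the action ineffective again. ListSecrets does not support resource-level permissions, so the wildcard is required, but it also means this role can enumerate the names and metadata (not the values) of every secret in the account and region, not only those under `secret/data/nexus/*`. I would add `sid = "ListSecretsRequiresWildcard"` and a comment such as `# ListSecrets has no resource-level permissions; "*" is required and exposes secret names/metadata beyond the nexus prefix`, and confirm that the workload needs to list secrets at all rather than fetch them by known name. The enclosing `aws_iam_policy_document` block starts outside the hunk, so any conditions applied elsewhere in it are not visible here.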