Fix issue with Secret not located, reference to /kubernetes/ is still needed. (#267)

pmoranga · web-flow · commit bc1109fb0015 · 2022-05-17T09:57:17.000-07:00
diff --git a/templates/kubernetes/terraform/modules/kubernetes/external_secrets.tf b/templates/kubernetes/terraform/modules/kubernetes/external_secrets.tf
@@ -55,7 +55,10 @@ resource "aws_iam_policy" "external_secrets" {
 data "aws_iam_policy_document" "external_secrets_policy_doc" {
   statement {
     effect    = "Allow"
-    resources = ["arn:aws:secretsmanager:${var.region}:*:secret:${var.project}/application/${var.environment}/*"]
+    resources = [
+      "arn:aws:secretsmanager:${var.region}:*:secret:${var.project}/application/${var.environment}/*",
+      "arn:aws:secretsmanager:${var.region}:*:secret:${var.project}/kubernetes/${var.environment}/*"
+    ]
 
     actions = [
       "secretsmanager:GetResourcePolicy",
