awslabs / aws-cloudformation-iam-policy-validator

MIT No Attribution

GetAtt not supported for: RdsDbCluster.MasterUserSecret.SecretArn #47

Open jlongland opened 2 months ago

jlongland commented 2 months ago

I have a template with a policy that references an RDS MasterUserSecret:

    - Effect: Allow
      Action:
      - secretsmanager:GetSecretValue
      Resource:
      - !GetAtt RdsDbCluster.MasterUserSecret.SecretArn

I receive an error when validating:

    ERROR: Call to GetAtt not supported for: RdsDbCluster.MasterUserSecret.SecretArn