When using AWS Secrets Manager, the "data.aws_iam_policy_document.secrets-manager-policy" block in ./modules/cluster.irsa.tf includes the "secretsmanager:ListSecrets" action in a group of actions that have resource constraints. But "secretsmanager:ListSecrets" cannot have resource constraints, so it is not included in the policy.
Steps to reproduce the behaviour
set use_vault variable to false
set use_asm variable to true
set create_asm_role variable to true
terraform apply
Expected behavior
Policy created which includes "secretsmanager:ListSecrets" action
Actual behavior
Policy created does not include "secretsmanager:ListSecrets" action
Terraform version
The output of terraform version is:
Module version
Operating system
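
One way to write the policy document so that "secretsmanager:ListSecrets" sits in its own statement with resources = ["*"], shown beside the grouping the issue describes. This is an added example, not the module's code: the data source names, var.secret_arns, the sample ARN and the two read actions are assumptions for illustration.

```hcl
# Added example, not the module's code. All names below are hypothetical.
variable "secret_arns" {
  description = "ARNs of the secrets the role may read (constructed sample value)"
  type        = list(string)
  default     = ["arn:aws:secretsmanager:us-east-1:111122223333:secret:example-*"]
}

# Grouping described in the issue: ListSecrets shares a statement with
# actions that are constrained to specific secret ARNs.
data "aws_iam_policy_document" "grouped_example" {
  statement {
    effect = "Allow"
    actions = [
      "secretsmanager:GetSecretValue",
      "secretsmanager:DescribeSecret",
      "secretsmanager:ListSecrets",
    ]
    resources = var.secret_arns
  }
}

# Split form: the ARN-scoped actions keep their resource constraint, and
# ListSecrets, which does not support resource-level permissions, gets a
# separate statement with resources = ["*"].
data "aws_iam_policy_document" "split_example" {
  statement {
    sid    = "ReadScopedSecrets"
    effect = "Allow"
    actions = [
      "secretsmanager:GetSecretValue",
      "secretsmanager:DescribeSecret",
    ]
    resources = var.secret_arns
  }

  statement {
    sid       = "ListSecrets"
    effect    = "Allow"
    actions   = ["secretsmanager:ListSecrets"]
    resources = ["*"]
  }
}

# Rendered JSON, for checking that the ListSecrets statement is present.
output "split_policy_json" {
  value = data.aws_iam_policy_document.split_example.json
}
```

ListSecrets returns secret names and metadata, not secret values, so the split form lets the role enumerate the account's secrets while reads stay limited to the listed ARNs.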