Closed lgallard closed 2 years ago
There’s no need to include a policy resource because the current implementation supports policies as follows:
```hcl
secrets = {
  "${local.secret_prefix}/myPrefixedSecret" = {
    description             = "My secret x"
    recovery_window_in_days = 7
    secret_string           = "This is an example"
    # Resource policy attached to this secret, passed as a JSON string
    policy                  = <<POLICY
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "EnableAllPermissions",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "secretsmanager:GetSecretValue",
      "Resource": "*"
    }
  ]
}
POLICY
  },
  "${local.secret_prefix}/myPrefixedSecret-2" = {
    description             = "My secret y"
    recovery_window_in_days = 7
    secret_string           = "This is another example"
    # No resource policy for this secret
    policy                  = null
  }
}
```
I will include this example in the documentation.
Examples added in release 0.5.2
Module should be able to set secret policy. Example;
Reference: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_policy
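An added example, not taken from the module or its documentation: the same `secrets` map shape with a resource policy scoped to one reader role instead of `"AWS": "*"`, and limited to the current secret version. The prefix, account ID, role ARN and the `reader_role_arn` local are constructed placeholders.

```hcl
# Added example; the prefix, account ID and role name are constructed placeholders.
locals {
  secret_prefix = "example"

  # The only principal allowed to read the secret (placeholder ARN).
  reader_role_arn = "arn:aws:iam::111122223333:role/example-app-role"

  # Same shape as the `secrets` map in the thread; pass it as the module's `secrets` input.
  secrets = {
    "${local.secret_prefix}/myPrefixedSecret" = {
      description             = "My secret x"
      recovery_window_in_days = 7
      secret_string           = "This is an example"

      # jsonencode builds the policy string and avoids hand-written JSON errors.
      policy = jsonencode({
        Version = "2012-10-17"
        Statement = [
          {
            Sid       = "AllowReaderRole"
            Effect    = "Allow"
            Principal = { AWS = local.reader_role_arn }
            Action    = "secretsmanager:GetSecretValue"
            # In a resource policy, "*" refers to the secret the policy is attached to.
            Resource = "*"
            # Only the current version of the secret may be read.
            Condition = {
              "ForAnyValue:StringEquals" = {
                "secretsmanager:VersionStage" = "AWSCURRENT"
              }
            }
          }
        ]
      })
    }
  }
}
```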