Open christrt9 opened 1 year ago
Hi @r00t9 do you have an isolated code snippet that I could run to reproduce the issue?
@mikhailshilkov Yes, let me know if you need any more info.
```python
import json

import pulumi_aws as aws

# create_secret, kms_secret and msk_cluster are not shown in this snippet

# Create secret key for MSK
secret_msk_saml_lambda = create_secret(
    "AmazonMSK_cluster_dev1",
    kms_key_id=kms_secret,
    secret_value=json.dumps({
        "username": "test",
        "password": "pass",
    }),
)

msk_policy_document = aws.iam.get_policy_document_output(statements=[
    aws.iam.GetPolicyDocumentStatementArgs(
        sid="AWSKafkaResourcePolicy",
        effect="Allow",
        principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
            type="Service",
            identifiers=["kafka.amazonaws.com"],
        )],
        actions=["secretsmanager:getSecretValue"],
        resources=[secret_msk_saml_lambda.arn],
    ),
])

# Associate the secret with the MSK cluster
secret_association = aws.msk.ScramSecretAssociation(
    "Secret_test",
    cluster_arn=msk_cluster.arn,
    secret_arn_lists=[secret_msk_saml_lambda.arn],
)

# Create MSK Policy
msk_secret_policy = aws.secretsmanager.SecretPolicy(
    "mskSecretPolicy_test",
    secret_arn=secret_msk_saml_lambda.arn,
    policy=msk_policy_document.json,
)
```
Hello!
Issue details
We have an MSK cluster, and we have multiple SASL authentications. When we deploy a new Lambda, it adds a new Secret Association in MSK.
When we run up again to deploy, it removes the other, older Secret Associations.