Closed rajish closed 9 months ago
This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days
This issue was automatically closed because of stale in 10 days
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
Description
Setting the external_secrets_secrets_manager_create_permission to true does not attach all permissions necessary to create secrets. One is missing: kms:GenerateDataKey.
Versions
Module version [Required]: 5.32
Terraform version: v1.5.4
Provider version(s):
Reproduction Code [Required]
Steps to reproduce the behavior:
external-secrets in the cluster with the role above
PushSecret
Expected behavior
The PushSecret is synced.
Actual behavior
The PushSecret fails with the following error:
Additional context
Adding manually the kms:GenerateDataKey permission to the policy fixed the problem.
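
One way to apply the workaround described in this issue without editing the module-generated policy, as an added example that is not from the issue author or the module: a separate, narrowly scoped policy attached to the same role. The variable names, the policy name and the assumption that the pushed secrets are encrypted with a customer managed KMS key are illustrative.

```hcl
# Added example; variable and resource names are assumptions, not module outputs.
variable "external_secrets_role_name" {
  description = "Name of the IAM role used by external-secrets (assumed input)"
  type        = string
}

variable "secrets_kms_key_arn" {
  description = "ARN of the KMS key that encrypts the pushed secrets (assumed input)"
  type        = string
}

variable "aws_region" {
  description = "Region of the Secrets Manager endpoint (assumed input)"
  type        = string
}

data "aws_iam_policy_document" "push_secret_kms" {
  statement {
    sid       = "AllowDataKeyForSecretsManager"
    effect    = "Allow"
    actions   = ["kms:GenerateDataKey"]
    # Scope to the one key instead of "*".
    resources = [var.secrets_kms_key_arn]

    # Only allow the key to be used through Secrets Manager, not directly.
    condition {
      test     = "StringEquals"
      variable = "kms:ViaService"
      values   = ["secretsmanager.${var.aws_region}.amazonaws.com"]
    }
  }
}

resource "aws_iam_policy" "push_secret_kms" {
  name   = "external-secrets-push-secret-kms"
  policy = data.aws_iam_policy_document.push_secret_kms.json
}

resource "aws_iam_role_policy_attachment" "push_secret_kms" {
  role       = var.external_secrets_role_name
  policy_arn = aws_iam_policy.push_secret_kms.arn
}
```

The kms:ViaService condition keeps the grant usable only for requests that Secrets Manager makes on the role's behalf, so the role cannot call kms:GenerateDataKey against the key directly.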