Skip to content

Commit

Permalink
fix: Add ssm:GetParameters permission to external-secrets policy (#…
Browse files Browse the repository at this point in the history 
…316)

Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
  • Loading branch information
@amarkevich @bryantbiggs
amarkevich and bryantbiggs authored Dec 7, 2022
1 parent 8349479 commit 0e77849
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 3 deletions.
4 changes: 2 additions & 2 deletions .pre-commit-config.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
repos:
- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.76.0
rev: v1.77.0
hooks:
- id: terraform_fmt
- id: terraform_validate
Expand All @@ -23,7 +23,7 @@ repos:
- '--args=--only=terraform_standard_module_structure'
- '--args=--only=terraform_workspace_remote'
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.3.0
rev: v4.4.0
hooks:
- id: check-merge-conflict
- id: end-of-file-fixer
5 changes: 4 additions & 1 deletion modules/iam-role-for-service-accounts-eks/policies.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -410,7 +410,10 @@ data "aws_iam_policy_document" "external_secrets" {
count = var.create_role && var.attach_external_secrets_policy ? 1 : 0

statement {
actions = ["ssm:GetParameter"]
actions = [
"ssm:GetParameter",
"ssm:GetParameters",
]
resources = var.external_secrets_ssm_parameter_arns
}

Expand Down

0 comments on commit 0e77849

Please sign in to comment.