feat: allow multiple secrets for Airflow teams

This gives Airflow teams access to a "_2" secret. This is to work around the limitation that an AWS Secret has a max size of 64KB
uktrade · Nov 12, 2024 · 2b6d348 · 2b6d348
1 parent 45b0ba2
commit 2b6d348
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/infra/airflow_dag_processor.tf b/infra/airflow_dag_processor.tf
@@ -235,7 +235,8 @@ data "aws_iam_policy_document" "airflow_team" {
     ]
 
     resources = [
-      "arn:aws:secretsmanager:${data.aws_region.aws_region.name}:${data.aws_caller_identity.aws_caller_identity.account_id}:secret:${var.prefix}/airflow/${var.airflow_dag_processors[count.index].name}-*"
+      "arn:aws:secretsmanager:${data.aws_region.aws_region.name}:${data.aws_caller_identity.aws_caller_identity.account_id}:secret:${var.prefix}/airflow/${var.airflow_dag_processors[count.index].name}-*",
+      "arn:aws:secretsmanager:${data.aws_region.aws_region.name}:${data.aws_caller_identity.aws_caller_identity.account_id}:secret:${var.prefix}/airflow/${var.airflow_dag_processors[count.index].name}_2-*"
     ]
   }