@KyMidd
Created July 10, 2021 20:01
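# Policy document granting read access to only the secrets this ECS service needs.
# Skipped entirely when no secret ARNs are supplied.
data "aws_iam_policy_document" "ecs_secrets_access" {
  # length() is used because comparing a typed list to [] with == is unreliable in Terraform.
  count = length(local.execution_iam_secrets) == 0 ? 0 : 1

  statement {
    # IAM Sids must be alphanumeric, so var.ecs_name must not contain hyphens or underscores.
    sid       = "${var.ecs_name}EcsSecretAccess"
    resources = local.execution_iam_secrets
    actions = [
      "secretsmanager:GetSecretValue",
    ]
  }
}

# Attach the policy inline to the ECS execution role.
resource "aws_iam_role_policy" "ecs_secrets_access_role_policy" {
  count  = length(local.execution_iam_secrets) == 0 ? 0 : 1
  name   = "${var.ecs_name}EcsSecretExecutionRolePolicy"
  role   = aws_iam_role.ExecutionRole.id
  policy = data.aws_iam_policy_document.ecs_secrets_access[0].json
}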