secrets policy

nhsdevws · nhsdevws · commit 2ccf90f823c6 · 2025-07-30T14:58:59.000+01:00
diff --git a/terraform/id_sync_lambda.tf b/terraform/id_sync_lambda.tf
@@ -248,6 +248,10 @@ data "aws_iam_policy_document" "id_sync_policy_document" {
     }),
     templatefile("${local.policy_path}/dynamodb_stream.json", {
       "dynamodb_table_name" : aws_dynamodb_table.events-dynamodb-table.name
+    }),
+    templatefile("${local.policy_path}/secret_manager.json", {
+      "account_id" : data.aws_caller_identity.current.account_id,
+      "pds_environment" : var.pds_environment
     })
   ]
 }

Original file line number	Diff line number	Diff line change
`@@ -248,6 +248,10 @@ data "aws_iam_policy_document" "id_sync_policy_document" {`
`248`	`248`	`}),`
`249`	`249`	`templatefile("${local.policy_path}/dynamodb_stream.json", {`
`250`	`250`	`"dynamodb_table_name" : aws_dynamodb_table.events-dynamodb-table.name`
	`251`	`+ }),`
	`252`	`+ templatefile("${local.policy_path}/secret_manager.json", {`
	`253`	`+ "account_id" : data.aws_caller_identity.current.account_id,`
	`254`	`+ "pds_environment" : var.pds_environment`
`251`	`255`	`})`
`252`	`256`	`]`
`253`	`257`	`}`