Skip to content

Commit

Permalink
db secrets access & tls requirement
Browse files Browse the repository at this point in the history
  • Loading branch information
@jdbass
jdbass committed Apr 17, 2024
1 parent 8e6f74a commit 1caf511
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
2 changes: 1 addition & 1 deletion tofu/modules/data-store/database/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ module "db" {
parameters = [
{
name = "require_secure_transport"
value = 1
value = 0
}
]

Expand Down
3 changes: 2 additions & 1 deletion tofu/modules/network/vpc/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,7 +132,8 @@ resource "aws_iam_policy" "appointment_secrets_policy" {
"secretsmanager:GetSecretValue"
],
"Resource": [
"arn:aws:secretsmanager:${var.region}:768512802988:secret:${var.environment}/appointment/*"
"arn:aws:secretsmanager:${var.region}:768512802988:secret:staging/appointment/*",
"arn:aws:secretsmanager:${var.region}:768512802988:secret:${var.name_prefix}-db-secret-*"
]
}
]
Expand Down

0 comments on commit 1caf511

Please sign in to comment.