Skip to content

Commit

Permalink
Adding Secrets Manager read/write managed policy to the sso-admin per…
Browse files Browse the repository at this point in the history 
…mission set
  • Loading branch information
@julialawrence
julialawrence committed Sep 10, 2024
1 parent ad38f72 commit ee0b518
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions management-account/terraform/sso-admin-permission-sets.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,12 @@ resource "aws_ssoadmin_managed_policy_attachment" "aws_sso_admin_read_only_acces
permission_set_arn = aws_ssoadmin_permission_set.aws_sso_admin.arn
}

resource "aws_ssoadmin_managed_policy_attachment" "aws_sso_admin_secrets_manager_read_write" {
instance_arn = local.sso_admin_instance_arn
managed_policy_arn = "arn:aws:iam::aws:policy/SecretsManagerReadWrite"
permission_set_arn = aws_ssoadmin_permission_set.aws_sso_admin.arn
}

# Billing Access
resource "aws_ssoadmin_permission_set" "billing" {
name = "Billing"
Expand Down

0 comments on commit ee0b518

Please sign in to comment.