From ee198ed3d85b44b7f4af956fd1ef1ba74a83f3d9 Mon Sep 17 00:00:00 2001
From: ranbeersingh1 <43067999+ranbeersingh1@users.noreply.github.com>
Date: Thu, 20 Jun 2024 15:54:48 +0100
Subject: [PATCH] Create secret policy for Delius application secret
---
 .../modules/components/oracle_db_shared/secrets.tf | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/terraform/environments/delius-core/modules/components/oracle_db_shared/secrets.tf b/terraform/environments/delius-core/modules/components/oracle_db_shared/secrets.tf
index e546442d8d7..0f3c8087c7d 100644
--- a/terraform/environments/delius-core/modules/components/oracle_db_shared/secrets.tf
+++ b/terraform/environments/delius-core/modules/components/oracle_db_shared/secrets.tf
@@ -48,4 +48,10 @@ data "aws_iam_policy_document" "delius_core_application_passwords" {
 actions = ["secretsmanager:GetSecretValue"]
 resources = [aws_secretsmanager_secret.delius_core_application_passwords.arn]
 }
+}
+
+resource "aws_secretsmanager_secret_policy" "delius_core_application_passwords" {
+ count = local.has_mis_environment && var.account_info.application_name == "delius-core" ? 1 : 0
+ secret_arn = aws_secretsmanager_secret.delius_core_application_passwords.arn
+ policy = data.aws_iam_policy_document.delius_core_application_passwords[count.index].json
 }
\ No newline at end of file
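Review bot: The new `aws_secretsmanager_secret_policy` attaches a `secretsmanager:GetSecretValue` grant to the application-passwords secret without `block_public_policy = true`, so nothing at apply time rejects the policy if its principals are ever widened; adding that one line to the resource is a cheap guard. The `principals` block of the policy document starts above the hunk and is not visible here, so it is worth confirming that it names specific role ARNs rather than an account root or a wildcard. If those principals are in another account (the `has_mis_environment` condition suggests so, but that is inferred), the secret also needs a customer-managed KMS key whose key policy lets them decrypt, because the default `aws/secretsmanager` key cannot be used cross-account. The resource indexes the data source with `[count.index]`, which only plans cleanly while the data source's own `count` uses the same condition; holding that condition in a single local would stop the two from drifting apart.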