The symopsio/secretsmgr-addon/sym
module is deprecated as of September 30, 2022. Please migrate to symopsio/secretsmgr-addon/aws
. This should be done automatically if you are have migrated to the symopsio/runtime-connector/aws
module.
The secretsmgr-addon
module adds AWS Secrets Manager access to a Sym runtime connector module.
This Addon
will add a policy to the role generated by a Connector
.
You typically include this Addon
by adding aws/secretsmgr
to the addons
property of the runtime connector module, rather than referring to the policy ARN itself.
Secrets must be tagged with ${var.tag_name}=${var.environment}
in order to be accessible by this addon.
module "runtime_connector" {
source = "symopsio/runtime-connector/sym"
version = ">= 1.0.0"
addons = [ "aws/secretsmgr" ]
environment = "sandbox"
}
Optionally override the default tag_name and value with addon_params
:
module "runtime_connector" {
source = "symopsio/runtime-connector/sym"
version = ">= 1.0.0"
addons = [ "aws/secretsmgr" ]
environment = "sandbox"
// Optionally override the default tag_name and value with `addon_params`
addon_params = {
"aws/secretsmgr" = {
"tag_name" = "CustomName",
"tag_value = "CustomValue"
}
}
}
Name | Version |
---|---|
terraform | >= 0.13.7 |
aws | ~> 3.0 |
Name | Version |
---|---|
aws | ~> 3.0 |
No modules.
Name | Type |
---|---|
aws_iam_policy.this | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
environment | An environment qualifier for the resources this module creates, to support a Terraform SDLC. The environment value is also the tag value that secrets must be tagged with to be accessible by this addon. | string |
n/a | yes |
tag_name | Name of the tag that secrets must be tagged with to be accessible by this addon. | string |
"SymEnv" |
no |
tags | Additional tags to apply to resources | map(string) |
{} |
no |
Name | Description |
---|---|
policy_arn | Secrets access policy arn |