2
0
mirror of https://github.com/offen/website.git synced 2024-12-23 05:20:21 +01:00

properly scope secrets access

This commit is contained in:
Frederik Ring 2019-07-19 22:00:55 +02:00
parent c02576c794
commit a0200aa643
2 changed files with 4 additions and 3 deletions

View File

@ -15,7 +15,7 @@ provider:
- Effect: 'Allow'
Action:
- secretsmanager:GetSecretValue
Resource: '*'
Resource: arn:aws:secretsmanager:eu-central-1:#{AWS::AccountId}:secret:${self:custom.stage}/*
package:
individually: true
@ -26,6 +26,7 @@ plugins:
- serverless-domain-manager
- serverless-python-requirements
- serverless-wsgi
- serverless-pseudo-parameters
custom:
stage: ${opt:stage, self:provider.stage}

View File

@ -17,9 +17,9 @@
"serverless-apigw-binary": "^0.4.4",
"serverless-domain-manager": "^2.6.13",
"serverless-finch": "^2.4.2",
"serverless-pseudo-parameters": "^2.4.0",
"serverless-python-requirements": "^4.3.0",
"serverless-wsgi": "^1.7.2"
},
"devDependencies": {
}
"devDependencies": {}
}