From fe57135d248ee527a5b975ed5c298e0b51691336 Mon Sep 17 00:00:00 2001
From: Frederik Ring <frederik.ring@gmail.com>
Date: Fri, 19 Jul 2019 20:21:59 +0200
Subject: [PATCH] add iam role for accessing secrets manager

---
 accounts/serverless.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/accounts/serverless.yml b/accounts/serverless.yml
index 5661e6c..c277594 100644
--- a/accounts/serverless.yml
+++ b/accounts/serverless.yml
@@ -11,9 +11,16 @@ provider:
   apiName: offen-${self:provider.stage}
   logs:
     restApi: true
+  iamRoleStatements:
+    - Effect: 'Allow'
+      Action:
+        - secretsmanager:GetSecretValue
+      Resource: '*'
 
 package:
   individually: true
+  exclude:
+    - tests
 
 plugins:
   - serverless-domain-manager