Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- templates:
- sec-service-be-acceptance:
- Resources:
- MicroserviceTaskDefinition:
- Properties:
- ContainerDefinitions:
- Fn::Splice:
- - 0
- - 1
- - - Secrets:
- - Name: MYSECRET
- ValueFrom:
- Fn::Sub: arn:aws:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:sec/acceptance/MYSECRET
- - Name: MYSECRETX
- ValueFrom:
- Fn::Sub: arn:aws:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:sec/acceptance/MYSECRETX
- sec-iam-service-be-acceptance:
- Resources:
- SecretsManagerPolicy:
- Type: "AWS::IAM::Policy"
- Properties:
- PolicyName: "secretspolicy"
- PolicyDocument:
- Version: '2012-10-17'
- Statement:
- - Action:
- - ssm:GetParameters
- - secretsmanager:GetSecretValue
- - kms:Decrypt
- Effect: Allow
- Resource:
- - Fn::Sub: arn:aws:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:sec/acceptance/*
- - Fn::Sub: arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key:sec-service-be-acceptance
- Roles:
- - Ref: EcsTaskRole
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement