feat: update secrets manager input and add s3 delete permission (#33)

alismx · web-flow · commit 8693b5f19066 · 2025-06-04T15:00:11.000-07:00
- Rename secrets_manager_postgresql_connection_string_version to secrets_manager_connection_string_version in documentation.
- Add s3:DeleteObject action to the ecr_viewer_s3 data policy.
diff --git a/README.md b/README.md
@@ -218,7 +218,7 @@ No modules.
 | <a name="input_s3_viewer_bucket_role_name"></a> [s3\_viewer\_bucket\_role\_name](#input\_s3\_viewer\_bucket\_role\_name) | Name of the IAM role for the ecr-viewer bucket | `string` | `""` | no |
 | <a name="input_secrets_manager_auth_client_secret_version"></a> [secrets\_manager\_auth\_client\_secret\_version](#input\_secrets\_manager\_auth\_client\_secret\_version) | The secret containing the auth client secret. This is the secret that comes from the authentication provider. | `string` | `""` | no |
 | <a name="input_secrets_manager_auth_secret_version"></a> [secrets\_manager\_auth\_secret\_version](#input\_secrets\_manager\_auth\_secret\_version) | The secret containing the auth secret. This is used by eCR viewer to encrypt authentication. This can be generated by running `openssl rand -base64 32`. | `string` | `""` | no |
-| <a name="input_secrets_manager_postgresql_connection_string_version"></a> [secrets\_manager\_postgresql\_connection\_string\_version](#input\_secrets\_manager\_postgresql\_connection\_string\_version) | n/a | `string` | `""` | no |
+| <a name="input_secrets_manager_connection_string_version"></a> [secrets\_manager\_connection\_string\_version](#input\_secrets\_manager\_connection\_string\_version) | n/a | `string` | `""` | no |
 | <a name="input_secrets_manager_sqlserver_host_version"></a> [secrets\_manager\_sqlserver\_host\_version](#input\_secrets\_manager\_sqlserver\_host\_version) | n/a | `string` | `""` | no |
 | <a name="input_secrets_manager_sqlserver_password_version"></a> [secrets\_manager\_sqlserver\_password\_version](#input\_secrets\_manager\_sqlserver\_password\_version) | n/a | `string` | `""` | no |
 | <a name="input_secrets_manager_sqlserver_user_version"></a> [secrets\_manager\_sqlserver\_user\_version](#input\_secrets\_manager\_sqlserver\_user\_version) | n/a | `string` | `""` | no |
diff --git a/_data.tf b/_data.tf
@@ -17,6 +17,7 @@ data "aws_iam_policy_document" "ecr_viewer_s3" {
     actions = [
       "s3:PutObject",
       "s3:PutObjectAcl",
+      "s3:DeleteObject",
       "s3:GetObject",
       "s3:GetObjectAcl",
       "s3:ListBucket",
