From ee6cdc808662efc74566e7d23f449b2dc2c2159d Mon Sep 17 00:00:00 2001
From: David Moran <23364162+wavemoran@users.noreply.github.com>
Date: Wed, 11 Sep 2024 08:44:55 -0700
Subject: [PATCH] Add explicit parameter store path (#1110)

---
 modules/eks/external-secrets-operator/main.tf | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/modules/eks/external-secrets-operator/main.tf b/modules/eks/external-secrets-operator/main.tf
index 5dd92ce35..bd79a0400 100644
--- a/modules/eks/external-secrets-operator/main.tf
+++ b/modules/eks/external-secrets-operator/main.tf
@@ -48,9 +48,13 @@ module "external_secrets_operator" {
         actions = [
           "ssm:GetParameter*"
         ]
-        resources = [for parameter_store_path in var.parameter_store_paths : (
-          "arn:aws:ssm:${var.region}:${local.account}:parameter/${parameter_store_path}/*"
-        )]
+        resources = concat(
+          [for parameter_store_path in var.parameter_store_paths : (
+            "arn:aws:ssm:${var.region}:${local.account}:parameter/${parameter_store_path}/*"
+          )],
+          [for parameter_store_path in var.parameter_store_paths : (
+            "arn:aws:ssm:${var.region}:${local.account}:parameter/${parameter_store_path}"
+        )])
       },
       {
         sid    = "DescribeParameters"