From 39461605b81ba0ba0e75fb8ced121c2409763efb Mon Sep 17 00:00:00 2001
From: Adam Chodera <48442257+iress-ac@users.noreply.github.com>
Date: Fri, 14 Oct 2022 11:20:59 +0100
Subject: [PATCH] secret rotation now depends on the permissions

This fixes a bug where if you deploy the components one by one with parallelism=1, deploying the secret rotation fails because of a lack of permission to call the rotation lambda.
---
 infra/terraform/modules/_auth/secrets.tf | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/infra/terraform/modules/_auth/secrets.tf b/infra/terraform/modules/_auth/secrets.tf
index a47c02e..4da3181 100644
--- a/infra/terraform/modules/_auth/secrets.tf
+++ b/infra/terraform/modules/_auth/secrets.tf
@@ -12,4 +12,9 @@ resource "aws_secretsmanager_secret_rotation" "key_pair" {
 rotation_rules {
 automatically_after_days = var.key_pair_rotation_period_days
 }
+
+ # Secrets manager requires the access to the rotation lambda to be applied
+ depends_on = [
+ aws_lambda_permission.allow_secrets_manager
+ ]
 }
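Review bot: The comment added above `depends_on` does not say what fails without it, so a later reader may take the explicit dependency for redundant and remove it. Something like `# Secrets Manager must already be allowed to invoke the rotation Lambda when rotation is enabled, otherwise the apply fails` would record the reason. `aws_lambda_permission.allow_secrets_manager` is defined outside this hunk; since it is now a hard prerequisite, it is worth confirming that it grants only `lambda:InvokeFunction` to `secretsmanager.amazonaws.com` and sets `source_account`, so the function's resource policy is not open to invocations on behalf of other accounts. The `aws_secretsmanager_secret_rotation` block starts before the hunk, so the Lambda it points at is not visible here.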