grant IAM access to secret

Author: devksingh4

cloudformation/iam.yml

@@ -45,6 +45,15 @@ Resources:
             - ec2:UnassignPrivateIpAddresses
             Resource: '*'
         PolicyName: lambda
+      - PolicyDocument:
+          Version: 2012-10-17
+          Statement:
+            - Action:
+                - secretsmanager:GetSecretValue
+              Effect: Allow
+              Resource:
+                - !Sub arn:aws:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:infra-events-api-config*
+        PolicyName: lambda-db-secrets
 Outputs:
   MainFunctionRoleArn:
     Description: Main API IAM role ARN