apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
  name: cluster-name-external-secrets-iam
  namespace: flux-system
spec:
  dependsOn:
  - name: cluster-name-crossplane-iam
  interval: 1m0s
  path: ./tools-config/external-secrets-iam
  prune: true
  sourceRef:
    kind: GitRepository
    name: flux-system
  healthChecks:
  - kind: Role
    apiVersion: iam.aws.crossplane.io/v1beta1
    name: external-secrets-role-cluster-name
  - kind: Policy
    apiVersion: iam.aws.crossplane.io/v1beta1
    name: external-secrets-policy-cluster-name
  - kind: RolePolicyAttachment
    apiVersion: iam.aws.crossplane.io/v1beta1
    name: external-secrets-attachment-cluster-name
  validation: client
  timeout: 2m
  patches:
    - target:
        group: iam.aws.crossplane.io
        kind: Role
        version: v1beta1
        name: external-secrets-role
      patch: |-
        - op: replace
          path: /metadata/name
          value: external-secrets-role-cluster-name
    - target:
        group: iam.aws.crossplane.io
        kind: Policy
        version: v1beta1
        name: external-secrets-policy
      patch: |-
        - op: replace
          path: /metadata/name
          value: external-secrets-policy-cluster-name
        - op: replace
          path: /spec/forProvider/name
          value: external-secrets-policy-cluster-name
    - target:
        group: iam.aws.crossplane.io
        kind: RolePolicyAttachment
        version: v1beta1
        name: external-secrets-attachment
      patch: |-
        - op: replace
          path: /metadata/name
          value: external-secrets-attachment-cluster-name
        - op: replace
          path: /spec/forProvider/policyArnRef/name
          value: external-secrets-policy-cluster-name
        - op: replace
          path: /spec/forProvider/roleNameRef/name
          value: external-secrets-role-cluster-name
  postBuild:
    substituteFrom:
      - kind: ConfigMap
        name: cluster-info-cluster-name
        optional: false