diff --git a/terraform/layer2-k8s/eks-external-secrets.tf b/terraform/layer2-k8s/eks-external-secrets.tf
index 7b8aed94..a460ebf9 100644
--- a/terraform/layer2-k8s/eks-external-secrets.tf
+++ b/terraform/layer2-k8s/eks-external-secrets.tf
@@ -90,7 +90,13 @@ module "aws_iam_external_secrets" {
     "Statement" : [
       {
         "Effect" : "Allow",
-        "Action" : "ssm:GetParameter",
+        "Action" : [
+          "ssm:GetParameter",
+          "secretsmanager:GetResourcePolicy",
+          "secretsmanager:GetSecretValue",
+          "secretsmanager:DescribeSecret",
+          "secretsmanager:ListSecretVersionIds"
+        ],
         "Resource" : "*"
       }
     ]