diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 67037f45..c8de75a9 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -27,9 +27,9 @@ jobs:
         run: GOBIN=$PWD/bin go install honnef.co/go/tools/cmd/staticcheck && ./bin/staticcheck ./...
 
       - name: Run Linting
-        uses: golangci/golangci-lint-action@v1
+        uses: golangci/golangci-lint-action@v2
         with:
-          version: v1.27
+          version: v1.33.0
 
       - name: Run Tests
         run: go test -cover -p 1 -race -v ./...
diff --git a/template.yaml b/template.yaml
index df538c66..ceb83b22 100644
--- a/template.yaml
+++ b/template.yaml
@@ -92,7 +92,11 @@ Resources:
               Effect: Allow
               Action:
                 - "secretsmanager:Get*"
-              Resource: "*"
+              Resource:
+                - !Ref AWSGoogleCredentialsSecret
+                - !Ref AWSGoogleAdminEamil
+                - !Ref AWSSCIMEndpointSecret
+                - !Ref AWSSCIMAccessTokenSecret
       Events:
         SyncScheduledEvent:
           Type: Schedule