From 5f759200c63d505454c07a5d2db4f35eaa37a74a Mon Sep 17 00:00:00 2001
From: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Date: Wed, 20 Jan 2021 13:00:14 +0100
Subject: [PATCH] update guide for mozilla sops

Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
---
 docs/guides/mozilla-sops.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docs/guides/mozilla-sops.md b/docs/guides/mozilla-sops.md
index 8e85f496..cfd9a492 100644
--- a/docs/guides/mozilla-sops.md
+++ b/docs/guides/mozilla-sops.md
@@ -106,7 +106,8 @@ secrets by iterating over all the private keys until it finds one that works.
 
 ### Using various cloud providers
 
-When using AWS/GCP KMS, you'll have to bind an IAM Role with access to the KMS
+When using AWS/GCP KMS, you don't have to include the gpg `secretRef` under
+`spec.provider` (you can skip the `--decryption-secret` flag when running `flux create kustomization`), instead you'll have to bind an IAM Role with access to the KMS
 keys to the `default` service account of the `flux-system` namespace for
 kustomize-controller to be able to fetch keys from KMS.
 
-- 
GitLab