Using Codebuild+GithubApp Integration

Trying to use the Github Provider using Github App Authentication

provider “github” {
owner = var.github_organization
base_url = var.base_url
app_auth {
id = jsondecode(data.aws_secretsmanager_secret_version.github_token.secret_string)[“APP_ID”]
installation_id = jsondecode(data.aws_secretsmanager_secret_version.github_token.secret_string)[“INSTALLATION_ID”]
pem_file = base64decode(jsondecode(data.aws_secretsmanager_secret_version.github_token.secret_string)[“PRIVATE_KEY”])
}
}

resource “aws_codepipeline_webhook” “main” {
for_each = toset(local.pipeline_names)
name = “webhook-{var.branch}-{each.value}”
authentication = “GITHUB_HMAC”
target_action = “Source”
target_pipeline = aws_codepipeline.lambda_pipeline[each.value].name

filter {
json_path = “$.ref”
match_equals = “refs/heads/{Branch}”
}
}

resource “github_repository_webhook” “main” {
for_each = toset(local.pipeline_names)

active = true
events = [“pull_request”, “push”] #each.value.events
repository = var.repository_name

configuration {
url = aws_codepipeline_webhook.main[each.value].url
#secret = data.aws_secretsmanager_secret_version.github_token.secret_string
content_type = “json”
insecure_ssl = false
}
}

I get the following error

│ Error: creating CodePipeline Webhook (webhook-my-lambda-function): operation error CodePipeline: PutWebhook, https response error StatusCode: 400, RequestID: ad6a20fc-96b2-44bf-a8c8-0d67096380b4, InvalidWebhookAuthenticationParametersException: Optional[‘authenticationConfig’ should contain only one property: ‘SecretToken’]

The provider is initializing fine using the GithubApp parameters but seems like the aws_codepipeline_webhook resource is expecting a token.