Added a variable for specifying additional secret names. (#10)

Flags for enabling IAM policies for predefined app specific secrets are now deprecated.

iam.tf

@@ -42,8 +42,13 @@ locals {
         "batcave/defectdojo-rabbitmq-specific",
         "batcave/defectdojo-redis-specific"
     ]
-    include_gitlab_secrets     = var.enable_gitlab_secret_arns == true ? concat(local.secret_names, local.gitlab_secret_names) : local.secret_names
-    all_secret_names           = var.enable_defectdojo_secret_arns == true ? concat(local.include_gitlab_secrets, local.defectdojo_secret_names) : local.include_gitlab_secrets
+    include_gitlab_secrets = var.enable_gitlab_secret_arns == true ? concat(local.secret_names, local.gitlab_secret_names) : local.secret_names
+
+    all_secret_names = (
+      var.enable_defectdojo_secret_arns == true ?
+        concat(local.include_gitlab_secrets, local.defectdojo_secret_names, var.additional_secret_names) :
+        concat(local.include_gitlab_secrets, var.additional_secret_names)
+    )
 }
 
 output "secret_arns"{

variables.tf

@@ -60,13 +60,21 @@ variable "external_secrets_service_accounts" {
 }
 
 variable "enable_gitlab_secret_arns" {
-  type    = bool
-  default = false
+  description = "DEPRECATED: when set to true enables creation of IAM policies for GitLab secrets. Use additional_secret_names instead."
+  type        = bool
+  default     = false
 }
 
 variable "enable_defectdojo_secret_arns" {
-  type    = bool
-  default = false
+  description = "DEPRECATED: when set to true enables creation of IAM policies for DefectDojo secrets. Use additional_secret_names instead."
+  type        = bool
+  default     = false
+}
+
+variable "additional_secret_names" {
+  description = "A list of additional secret names to create IAM policies for."
+  type        = list(string)
+  default     = []
 }
 
 variable "aws_region" {