CCL-1465: Change secret to variable and sensitive

Signed-off-by: Babatunde Kassim <babatunde.kassim1@digital.homeoffice.gov.uk>
UKHomeOffice · Dec 12, 2024 · 42db802 · 42db802
1 parent d31f535
commit 42db802
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 14 deletions.
diff --git a/alerts/webhook_alert_integration/alerts_profile.tf b/alerts/webhook_alert_integration/alerts_profile.tf
@@ -34,19 +34,6 @@ resource "dynatrace_alerting" "cosmos-integration-alerting-profile" {
   }
 }
 
-data "aws_caller_identity" "current" {}
-
-data "aws_secretsmanager_secret" "snow_secret" {
-  arn = "arn:aws:secretsmanager:eu-west-2:${data.aws_caller_identity.current.account_id}:secret:test/snowIntegration-kP3kJ7"
-}
-
-data "aws_secretsmanager_secret_version" "current_secret" {
-  secret_id = data.aws_secretsmanager_secret.snow_secret.id
-}
-
-locals {
-  snow_client_secret = jsondecode(data.aws_secretsmanager_secret_version.current_secret.secret_string)
-}
 resource "dynatrace_webhook_notification" "snow_webhook_integration" {
   active                 = var.active
   name                   = var.integration_notification_name
@@ -60,6 +47,6 @@ resource "dynatrace_webhook_notification" "snow_webhook_integration" {
   oauth_2_credentials {
     access_token_url = var.access_token_url
     client_id        = var.client_id
-    client_secret    = local.snow_client_secret["snow_client_secret"]
+    client_secret    = var.client_secret
   }
 }
diff --git a/alerts/webhook_alert_integration/variables.tf b/alerts/webhook_alert_integration/variables.tf
@@ -115,4 +115,10 @@ variable "client_id" {
 variable "payload" {
   type = string
   description = "The content of the notification message"
+}
+
+variable "client_secret" {
+  type = string
+  description = "Client secret"
+  sensitive = true
 }