-
Notifications
You must be signed in to change notification settings - Fork 10
/
secrets.tf
89 lines (70 loc) · 2.89 KB
/
secrets.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
# #########################################
# Secrets - These will already exist
# #########################################
data "aws_secretsmanager_secret_version" "api_gateway_header" {
secret_id = "${local.config_var_prefix}header-x-secret"
}
data "aws_secretsmanager_secret_version" "device_check" {
secret_id = "${local.config_var_prefix}device-check"
}
data "aws_secretsmanager_secret_version" "encrypt" {
secret_id = "${local.config_var_prefix}encrypt"
}
data "aws_secretsmanager_secret_version" "exposures" {
secret_id = "${local.config_var_prefix}exposures"
}
data "aws_secretsmanager_secret_version" "jwt" {
secret_id = "${local.config_var_prefix}jwt"
}
data "aws_secretsmanager_secret_version" "rds" {
secret_id = "${local.config_var_prefix}rds"
}
data "aws_secretsmanager_secret_version" "admin_push_service_token" {
secret_id = "${local.config_var_prefix}admin-push-service-token"
}
data "aws_secretsmanager_secret_version" "google_maps_api_key" {
secret_id = "${local.config_var_prefix}google-maps-api-key"
}
data "aws_secretsmanager_secret_version" "rds_read_only" {
secret_id = "${local.config_var_prefix}rds-read-only"
}
data "aws_secretsmanager_secret_version" "rds_read_write" {
secret_id = "${local.config_var_prefix}rds-read-write"
}
data "aws_secretsmanager_secret_version" "rds_read_write_create" {
secret_id = "${local.config_var_prefix}rds-read-write-create"
}
data "aws_secretsmanager_secret_version" "verify" {
secret_id = "${local.config_var_prefix}verify"
}
# #########################################
# Optional secrets - These exist for some instances
# #########################################
data "aws_secretsmanager_secret_version" "notice" {
count = contains(var.optional_secrets_to_include, "notice") ? 1 : 0
secret_id = format("%snotice", local.config_var_prefix)
}
data "aws_secretsmanager_secret_version" "quicksight_dashboard" {
count = contains(var.optional_secrets_to_include, "quicksight-dashboard") ? 1 : 0
secret_id = format("%squicksight-dashboard", local.config_var_prefix)
}
data "aws_secretsmanager_secret_version" "cct" {
count = contains(var.optional_secrets_to_include, "cct") ? 1 : 0
secret_id = "${local.config_var_prefix}cct"
}
data "aws_secretsmanager_secret_version" "cso" {
count = contains(var.optional_secrets_to_include, "cso") ? 1 : 0
secret_id = "${local.config_var_prefix}cso"
}
data "aws_secretsmanager_secret_version" "interop" {
count = contains(var.optional_secrets_to_include, "interop") ? 1 : 0
secret_id = "${local.config_var_prefix}interop"
}
data "aws_secretsmanager_secret_version" "sms" {
count = contains(var.optional_secrets_to_include, "sms") ? 1 : 0
secret_id = "${local.config_var_prefix}sms"
}
data "aws_secretsmanager_secret_version" "verify_proxy" {
count = contains(var.optional_secrets_to_include, "verify-proxy") ? 1 : 0
secret_id = "${local.config_var_prefix}verify-proxy"
}