tofu-modules-aws-fargate-service/secrets.tf at main · codeforamerica/tofu-modules-aws-fargate-service · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
module "secrets_manager" {
  source  = "terraform-aws-modules/secrets-manager/aws"
  version = "~> 1.1"

  for_each = var.secrets_manager_secrets

  name_prefix             = "${var.project}/${var.environment}/${var.service}/${each.key}-"
  create_random_password  = each.value.create_random_password
  description             = each.value.description
  recovery_window_in_days = each.value.recovery_window
  kms_key_id              = aws_kms_alias.fargate.id
  secret_string           = each.value.start_value

  ignore_secret_changes = true

  tags = var.tags
}

resource "aws_ssm_parameter" "otel_config" {
  name        = "/${join("/", compact([var.project, var.environment, var.service, "otel"]))}"
  description = "Configuration for the OpenTelemetry collector."
  tier        = "Intelligent-Tiering"
  type        = "String"
  overwrite   = true

  value = local.otel_config

  tags = var.tags
}