Skip to content
This repository has been archived by the owner on Mar 8, 2023. It is now read-only.

symopsio/terraform-sym-secretsmgr-addon

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Deprecation Warning

The symopsio/secretsmgr-addon/sym module is deprecated as of September 30, 2022. Please migrate to symopsio/secretsmgr-addon/aws. This should be done automatically if you are have migrated to the symopsio/runtime-connector/aws module.

secretsmgr-addon

The secretsmgr-addon module adds AWS Secrets Manager access to a Sym runtime connector module.

This Addon will add a policy to the role generated by a Connector.

You typically include this Addon by adding aws/secretsmgr to the addons property of the runtime connector module, rather than referring to the policy ARN itself.

Secrets must be tagged with ${var.tag_name}=${var.environment} in order to be accessible by this addon.

module "runtime_connector" {
  source  = "symopsio/runtime-connector/sym"
  version = ">= 1.0.0"

  addons      = [ "aws/secretsmgr" ]
  environment = "sandbox"
}

Optionally override the default tag_name and value with addon_params:

module "runtime_connector" {
  source  = "symopsio/runtime-connector/sym"
  version = ">= 1.0.0"

  addons      = [ "aws/secretsmgr" ]
  environment = "sandbox"

  // Optionally override the default tag_name and value with `addon_params`
  addon_params = {
    "aws/secretsmgr" = {
       "tag_name" = "CustomName",
       "tag_value = "CustomValue"
    }
  }
}

Requirements

Name Version
terraform >= 0.13.7
aws ~> 3.0

Providers

Name Version
aws ~> 3.0

Modules

No modules.

Resources

Name Type
aws_iam_policy.this resource

Inputs

Name Description Type Default Required
environment An environment qualifier for the resources this module creates, to support a Terraform SDLC. The environment value is also the tag value that secrets must be tagged with to be accessible by this addon. string n/a yes
tag_name Name of the tag that secrets must be tagged with to be accessible by this addon. string "SymEnv" no
tags Additional tags to apply to resources map(string) {} no

Outputs

Name Description
policy_arn Secrets access policy arn