key-vault.tf
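# Provisions the product Key Vault "ccd-<env>" through the shared HMCTS
# key-vault module and asks the module to create a managed identity.
#
# NOTE(review): the module is fetched from the mutable `master` branch, so a
# change pushed to that branch is picked up the next time modules are
# installed, without any review in this repository. Pin `ref` to a reviewed
# tag or commit SHA so vault access configuration cannot change silently.
module "vault" {
  source = "git@github.com:hmcts/cnp-module-key-vault?ref=master"

  name                = "ccd-${var.env}"
  product             = var.product
  env                 = var.env
  tenant_id           = var.tenant_id
  resource_group_name = azurerm_resource_group.rg.name
  product_group_name  = "dcd_ccd"
  common_tags         = local.tags

  # Identities handed to the module. Presumably the module grants each of
  # them access to the vault - confirm which permissions it assigns and keep
  # this set limited to identities that need to read these secrets.
  object_id                            = var.jenkins_AAD_objectId
  additional_managed_identities_access = var.additional_managed_identities_access
  create_managed_identity              = true
}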
# Looks up the existing vault "s2s-<env>" in resource group
# "rpe-service-auth-provider-<env>". It is only read by this configuration,
# not managed by it.
data "azurerm_key_vault" "s2s_vault" {
  resource_group_name = "rpe-service-auth-provider-${var.env}"
  name                = "s2s-${var.env}"
}
# Reads the secret "microservicekey-ccd-gw" from the s2s vault.
# The value fetched by this data source is recorded in Terraform state in
# plaintext, so the state backend needs encryption at rest and tightly
# scoped read access.
data "azurerm_key_vault_secret" "ccd_gw_s2s_key" {
  key_vault_id = data.azurerm_key_vault.s2s_vault.id
  name         = "microservicekey-ccd-gw"
}
# Reads the secret "microservicekey-ccd-case-disposer" from the s2s vault.
# Its value ends up in Terraform state in plaintext; treat the state file as
# secret material when granting access to the backend.
data "azurerm_key_vault_secret" "ccd_case_disposer_s2s_key" {
  key_vault_id = data.azurerm_key_vault.s2s_vault.id
  name         = "microservicekey-ccd-case-disposer"
}
# Copies the case-disposer key read from the s2s vault into the vault created
# by module.vault, under the name "ccd-case-disposer-s2s-secret".
# The copy is rewritten only when Terraform is applied, so a rotation of the
# source key leaves this secret stale until the next apply.
# NOTE(review): no expiration_date or content_type is set on this secret.
resource "azurerm_key_vault_secret" "ccd-case-disposer-s2s-secret" {
  key_vault_id = module.vault.key_vault_id
  name         = "ccd-case-disposer-s2s-secret"
  value        = data.azurerm_key_vault_secret.ccd_case_disposer_s2s_key.value
}
# Stores the gateway key read from the s2s vault as "ccd-gw-s2s-secret" in
# the vault created by module.vault.
# This duplicates the key: it now lives in two vaults and in Terraform state,
# and the duplicate follows a rotation of the source only on the next apply.
# NOTE(review): no expiration_date or content_type is set on this secret.
resource "azurerm_key_vault_secret" "ccd_gw_s2s_secret" {
  key_vault_id = module.vault.key_vault_id
  name         = "ccd-gw-s2s-secret"
  value        = data.azurerm_key_vault_secret.ccd_gw_s2s_key.value
}
# Reads the secret "microservicekey-ccd-next-hearing-date-updater" from the
# s2s vault. The fetched value is persisted in Terraform state in plaintext,
# so access to the state backend is access to this key.
data "azurerm_key_vault_secret" "ccd_next_hearing_date_updater_s2s_key" {
  key_vault_id = data.azurerm_key_vault.s2s_vault.id
  name         = "microservicekey-ccd-next-hearing-date-updater"
}
# Writes the next-hearing-date-updater key read from the s2s vault into the
# vault created by module.vault as "ccd-next-hearing-date-updater-s2s-secret".
# The stored copy changes only on apply; after the source key is rotated,
# re-apply so consumers of this vault do not keep using the old key.
# NOTE(review): no expiration_date or content_type is set on this secret.
resource "azurerm_key_vault_secret" "ccd-next-hearing-date-updater-s2s-secret" {
  key_vault_id = module.vault.key_vault_id
  name         = "ccd-next-hearing-date-updater-s2s-secret"
  value        = data.azurerm_key_vault_secret.ccd_next_hearing_date_updater_s2s_key.value
}
# Exposes the name of the vault created by module.vault (an identifier, not
# secret material).
output "vaultName" {
  value = module.vault.key_vault_name
}
# Exposes the URI of the vault created by module.vault (an endpoint address,
# not secret material).
output "vaultUri" {
  value = module.vault.key_vault_uri
}