From 0e5b61c5dfb17b99671f5a1cd611eca9eed2c43e Mon Sep 17 00:00:00 2001
From: Hazmei Abdul Rahman
Date: Wed, 27 Mar 2024 14:37:02 +0800
Subject: [PATCH] chore: remove more unused items and update README
---
 README.md | 2 --
 locals.tf | 6 ++----
 main.tf | 2 +-
 variables.tf | 12 ------------
 4 files changed, 3 insertions(+), 19 deletions(-)
diff --git a/README.md b/README.md
index ae92a68..788f964 100644
--- a/README.md
+++ b/README.md
@@ -78,8 +78,6 @@ module "vault_secretsync" {
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | [associate\_secrets](#input\_associate\_secrets) | Map of vault kv to create secret sync association |
map(
object({
mount = string
secret_name = list(string)
})
)
| `{}` | no |
-| [delete\_all\_secret\_associations](#input\_delete\_all\_secret\_associations) | Delete the secret associations | `bool` | `false` | no |
-| [delete\_sync\_destination](#input\_delete\_sync\_destination) | Delete the sync destination. Secret associations must be removed beforehand. | `bool` | `false` | no |
 | [name](#input\_name) | Prefix name for the destination | `string` | n/a | yes |
 | [region](#input\_region) | AWS region | `string` | `"ap-southeast-1"` | no |
 | [tags](#input\_tags) | Tags to set on the secrets managed at the destination | `map(string)` | `{}` | no |
diff --git a/locals.tf b/locals.tf
index 921e12d..7a321b1 100644
--- a/locals.tf
+++ b/locals.tf
@@ -1,8 +1,6 @@
 locals {
- age_in_days = timeadd(plantimestamp(), "-2160h") # 90 days (90*24 hours)
- sync_base_path = "sys/sync/destinations"
- destination_name = "${var.name}-${var.region}-${random_id.this.hex}"
- delete_sync_destination = alltrue([var.delete_all_secret_associations, var.delete_sync_destination])
+ age_in_days = timeadd(plantimestamp(), "-2160h") # 90 days (90*24 hours)
+ destination_name = "${var.name}-${var.region}-${random_id.this.hex}"
 associate_secrets = flatten([
 for app_name, secret in var.associate_secrets : [
diff --git a/main.tf b/main.tf
index 37c186a..103cfe6 100644
--- a/main.tf
+++ b/main.tf
@@ -5,7 +5,7 @@
 #######################################
 resource "vault_secrets_sync_aws_destination" "aws" {
- name = var.name
+ name = local.destination_name
 access_key_id = aws_iam_access_key.vault_secretsync.id
 secret_access_key = aws_iam_access_key.vault_secretsync.secret
 region = data.aws_region.current.name
diff --git a/variables.tf b/variables.tf
index 33193cc..c72d9b7 100644
--- a/variables.tf
+++ b/variables.tf
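Review bot: The destination name set on the changed line in main.tf now embeds `var.region` (through `local.destination_name`, defined in the locals.tf hunk), while the same resource takes its actual region from `data.aws_region.current.name`. If the AWS provider is configured for a region other than `var.region`, the destination is labelled with one region and syncs secrets to another, which misleads anyone auditing where secrets are replicated. Deriving the name from the same source, `destination_name = "${var.name}-${data.aws_region.current.name}-${random_id.this.hex}"`, would keep the two in step. Changing `name` on an already-applied destination presumably makes Terraform replace it, and this commit also drops the `delete_*` inputs whose description said associations must be removed first, so a comment such as `# renaming replaces the destination; remove secret associations before applying` above the line would help. The resource block continues past the end of the hunk.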
@@ -1,15 +1,3 @@
-variable "delete_sync_destination" {
- type = bool
- default = false
- description = "Delete the sync destination. Secret associations must be removed beforehand."
-}
-
-variable "delete_all_secret_associations" {
- type = bool
- default = false
- description = "Delete the secret associations"
-}
-
 variable "name" {
 type = string
 description = "Prefix name for the destination"