Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Now creates ECR repos and makes a CI user during the bootstrap, storing the credentials in the secrets manager Cleaned up the create process a bit
- Loading branch information
Showing
10 changed files
with
239 additions
and
70 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
# The state will have keys in it which can be ignored | ||
terraform.tfstate* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
provider "aws" { | ||
region = "{{ .Config.Infrastructure.AWS.Region }}" | ||
} | ||
|
||
# Create the CI User | ||
resource "aws_iam_user" "ci_user" { | ||
name = "ci-user" | ||
} | ||
|
||
# Create a keypair to be used by CI systems | ||
resource "aws_iam_access_key" "ci_user" { | ||
user = aws_iam_user.ci_user.name | ||
} | ||
|
||
# Add the keys to AWS secrets manager | ||
resource "aws_secretsmanager_secret" "ci_user_keys" { | ||
name = "ci-user-keys" | ||
} | ||
|
||
resource "aws_secretsmanager_secret_version" "ci_user_keys" { | ||
secret_id = aws_secretsmanager_secret.ci_user_keys.id | ||
secret_string = jsonencode(map("access_key_id", aws_iam_access_key.ci_user.id, "secret_key", aws_iam_access_key.ci_user.secret)) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.