fix(cai): modules must not define providers (#1132)

Co-authored-by: Daniel Andrade <dandrade@ciandt.com> Co-authored-by: eeaton <ellioteaton@gmail.com>
terraform-google-modules · May 21, 2024 · f396741 · f396741
1 parent 229e53c
commit f396741
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 39 deletions.
diff --git a/1-org/envs/shared/cai_monitoring.tf b/1-org/envs/shared/cai_monitoring.tf
@@ -28,11 +28,10 @@ module "kms" {
 module "cai_monitoring" {
   source = "../../modules/cai-monitoring"
 
-  org_id               = local.org_id
-  billing_account      = local.billing_account
-  project_id           = module.scc_notifications.project_id
-  location             = local.default_region
-  enable_cmek          = true
-  encryption_key       = module.kms.keys["key-cai-monitoring"]
-  impersonate_sa_email = local.org_step_terraform_service_account_email
+  org_id          = local.org_id
+  billing_account = local.billing_account
+  project_id      = module.scc_notifications.project_id
+  location        = local.default_region
+  enable_cmek     = true
+  encryption_key  = module.kms.keys["key-cai-monitoring"]
 }
diff --git a/1-org/modules/cai-monitoring/README.md b/1-org/modules/cai-monitoring/README.md
@@ -13,7 +13,6 @@ module "secure_cai_notification" {
   region               = <REGION>
   encryption_key       = <CMEK KEY>
   labels               = <LABELS>
-  impersonate_sa_email = <SA TO IMPERSONATE>
   roles_to_monitor     = <ROLES TO MONITOR>
 }
 ```
@@ -26,7 +25,6 @@ module "secure_cai_notification" {
 | billing\_account | The ID of the billing account to associate projects with. | `string` | n/a | yes |
 | enable\_cmek | The KMS Key to Encrypt Artifact Registry repository, Cloud Storage Bucket and Pub/Sub. | `bool` | `false` | no |
 | encryption\_key | The KMS Key to Encrypt Artifact Registry repository, Cloud Storage Bucket and Pub/Sub. | `string` | `null` | no |
-| impersonate\_sa\_email | The Service Account email who will execute terraform code. | `string` | n/a | yes |
 | labels | Labels to be assigned to resources. | `map(any)` | `{}` | no |
 | location | Default location to create resources where applicable. | `string` | `"us-central1"` | no |
 | org\_id | GCP Organization ID | `string` | n/a | yes |

diff --git a/1-org/modules/cai-monitoring/providers.tf b/1-org/modules/cai-monitoring/providers.tf
diff --git a/1-org/modules/cai-monitoring/variables.tf b/1-org/modules/cai-monitoring/variables.tf
@@ -53,11 +53,6 @@ variable "labels" {
   default     = {}
 }
 
-variable "impersonate_sa_email" {
-  description = "The Service Account email who will execute terraform code."
-  type        = string
-}
-
 variable "roles_to_monitor" {
   description = "List of roles that will save a SCC Finding if granted to any member (service account, user or group) on an update in the IAM Policy."
   type        = list(string)