Skip to content

Commit

Permalink
update resource reference
Browse files Browse the repository at this point in the history
  • Loading branch information
@kunduso
kunduso committed Sep 11, 2024
1 parent 8c2e598 commit 2404556
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 3 deletions.
3 changes: 2 additions & 1 deletion lambda_iam_role.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ resource "aws_iam_policy" "lambda_policy" {
"kms:GenerateDataKey",
"kms:Describe"
]
Resource = [aws_kms_key.encryption_secret.arn]
Resource = [aws_kms_key.encryption_rds.arn]
},
{
Effect = "Allow",
Expand Down Expand Up @@ -76,6 +76,7 @@ resource "aws_iam_role_policy_attachment" "lambda_policy_attachement" {
role = aws_iam_role.lambda_role.name
policy_arn = aws_iam_policy.lambda_policy.arn
}
#https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html#configuration-vpc-permissions
#https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSLambdaVPCAccessExecutionRole.html
#https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment
resource "aws_iam_role_policy_attachment" "managed_vpc_policy_attachement" {
Expand Down
4 changes: 2 additions & 2 deletions secrets.tf
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
#https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password
resource "random_password" "password" {
length = 128
length = 28
special = true
override_special = "~!#$%^&*()-_=+[]{}\\|;:<>.?"
}
#https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret
resource "aws_secretsmanager_secret" "rds_password" {
name = var.name
recovery_window_in_days = 0
kms_key_id = aws_kms_key.encryption_secret.id
kms_key_id = aws_kms_key.encryption_rds.id
#checkov:skip=CKV2_AWS_57: Disabled Secrets Manager secrets automatic rotation
}
#https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version
Expand Down

0 comments on commit 2404556

Please sign in to comment.