-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathmain.tf
28 lines (24 loc) · 1.05 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# DEPLOY KEY MANAGEMENT SERVICES KEY RING, KEY, AND ENCRYPTED CREDENTIALS
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
provider "random" {
version = "~> 2.2.1"
}
resource "random_string" "random" {
length = 10
special = false
}
resource "google_kms_key_ring" "cloud-run-keyring" {
project = var.project
# this prevent error when creating a new key as the old name cannot be overwritten within the project for recordkeeping
name = join("-", [var.key_ring_name, random_string.random.result])
location = var.location
}
resource "google_kms_crypto_key" "iot-python-webapp-key" {
name = var.webapp_key_name
key_ring = google_kms_key_ring.cloud-run-keyring.self_link
}
data "google_kms_secret_ciphertext" "application-credentials" {
crypto_key = google_kms_crypto_key.iot-python-webapp-key.self_link
plaintext = var.secrets
}