Skip to content

Commit

Permalink
Updated
Browse files Browse the repository at this point in the history
  • Loading branch information
@lolli001
lolli001 committed Jul 23, 2024
1 parent 356b04d commit dd7e7d6
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 13 deletions.
4 changes: 2 additions & 2 deletions iam_policy.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ resource "aws_iam_policy" "rhel_x86_codepipeline_permissions" {
"kms:GenerateDataKey",
"kms:DescribeKey"
],
Resource = "arn:aws-us-gov:kms:us-gov-west-1:229685449397:key/${aws_kms_key.rhel_x86_codepipeline_key.id}"
Resource = "arn:aws-us-gov:kms:us-gov-west-1:229685449397:key/ba7dabdd-0f5a-44aa-9a90-a36c246a29a4"
},
{
Effect = "Allow",
Expand Down Expand Up @@ -168,7 +168,7 @@ resource "aws_iam_policy" "rhel_x86_ec2_permissions" {
"kms:GenerateDataKey",
"kms:DescribeKey"
],
Resource = "arn:aws-us-gov:kms:us-gov-west-1:229685449397:key/${aws_kms_key.rhel_x86_codepipeline_key.id}"
Resource = "arn:aws-us-gov:kms:us-gov-west-1:229685449397:key/ba7dabdd-0f5a-44aa-9a90-a36c246a29a4"
}
]
})
Expand Down
9 changes: 5 additions & 4 deletions kms.tf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
resource "aws_kms_key" "rhel_x86_codepipeline_key" {
description = "KMS key for RHEL x86 CodePipeline"
key_id = "ba7dabdd-0f5a-44aa-9a90-a36c246a29a4" # Static KMS Key ID
policy = <<EOF
{
"Version": "2012-10-17",
Expand All @@ -20,7 +21,7 @@ resource "aws_kms_key" "rhel_x86_codepipeline_key" {
"kms:GenerateDataKey*",
"kms:DescribeKey"
],
"Resource": "arn:aws-us-gov:kms:us-gov-west-1:229685449397:key/${aws_kms_key.rhel_x86_codepipeline_key.id}"
"Resource": "arn:aws-us-gov:kms:us-gov-west-1:229685449397:key/ba7dabdd-0f5a-44aa-9a90-a36c246a29a4"
},
{
"Sid": "Allow admin actions",
Expand All @@ -29,7 +30,7 @@ resource "aws_kms_key" "rhel_x86_codepipeline_key" {
"AWS": "arn:aws-us-gov:iam::229685449397:root"
},
"Action": "kms:*",
"Resource": "arn:aws-us-gov:kms:us-gov-west-1:229685449397:key/${aws_kms_key.rhel_x86_codepipeline_key.id}"
"Resource": "arn:aws-us-gov:kms:us-gov-west-1:229685449397:key/ba7dabdd-0f5a-44aa-9a90-a36c246a29a4"
}
]
}
Expand All @@ -38,5 +39,5 @@ EOF

resource "aws_kms_alias" "rhel_x86_codepipeline_alias" {
name = "alias/rhel-x86-codepipeline-key"
target_key_id = aws_kms_key.rhel_x86_codepipeline_key.id
}
target_key_id = "ba7dabdd-0f5a-44aa-9a90-a36c246a29a4" # Static KMS Key ID
}
9 changes: 2 additions & 7 deletions modules/image-pipeline/build.pkr.hcl
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,10 @@
variable "kms_key_id" {
type = string
default = aws_kms_key.rhel_x86_codepipeline_key.id
}

source "amazon-ebs" "rhel" {
ami_name = "rhel-arm-{{timestamp}}"
instance_type = "t3.micro"
region = "us-gov-west-1"
source_ami = "ami-03f5c6b8195c66b04" # Updated AMI ID for RHEL 9 ARM
ssh_username = "ec2-user"
kms_key_id = var.kms_key_id
kms_key_id = "ba7dabdd-0f5a-44aa-9a90-a36c246a29a4" # Static KMS Key ID
}

build {
Expand All @@ -24,4 +19,4 @@ build {
"echo 'Build finished!'",
]
}
}
}

0 comments on commit dd7e7d6

Please sign in to comment.