add stuff for using access keys

terraform-modules · Dec 20, 2022 · 8a16c55 · 8a16c55
1 parent ecd54b5
commit 8a16c55
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 3 deletions.
diff --git a/examples/full-cluster-tf-upgrade/cluster-roles/deployer.iam.tf b/examples/full-cluster-tf-upgrade/cluster-roles/deployer.iam.tf
@@ -20,7 +20,10 @@ module "service_cicd_deployer" {
   service_account     = true
   enable_sending_mail = false
   create_access_keys  = false
-  attached_policies   = flatten(concat([for k, v in data.aws_iam_policy.cicd_deployer_policies : v.arn], [aws_iam_policy.cicd_deployer.arn]))
+  profile             = var.profile
+  pgp_key_file        = "./init/tf-gpg-key.b64"
+
+  attached_policies = flatten(concat([for k, v in data.aws_iam_policy.cicd_deployer_policies : v.arn], [aws_iam_policy.cicd_deployer.arn]))
 
   tags = merge(
     local.base_tags,
@@ -29,7 +32,7 @@ module "service_cicd_deployer" {
   )
 }
 module "role_cicd_deployer" {
-  source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git?ref=tf-upgrade"
+  source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git"
 
   role_name              = local.role_cicd_k8s_group_name
   role_description       = "Role for EKS cluster ${var.cluster_name} for access by ${var.cicd_k8s_group_name}"

diff --git a/examples/full-cluster/cluster-roles/deployer.iam.tf b/examples/full-cluster/cluster-roles/deployer.iam.tf
@@ -20,7 +20,10 @@ module "service_cicd_deployer" {
   service_account     = true
   enable_sending_mail = false
   create_access_keys  = false
-  attached_policies   = flatten(concat([for k, v in data.aws_iam_policy.cicd_deployer_policies : v.arn], [aws_iam_policy.cicd_deployer.arn]))
+  profile             = var.profile
+  pgp_key_file        = "./init/tf-gpg-key.b64"
+
+  attached_policies = flatten(concat([for k, v in data.aws_iam_policy.cicd_deployer_policies : v.arn], [aws_iam_policy.cicd_deployer.arn]))
 
   tags = merge(
     local.base_tags,