From 8a16c5583838e7ed2b24a900b3dabc25891708c9 Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Tue, 20 Dec 2022 12:16:48 -0500
Subject: [PATCH] add stuff for using access keys

---
 .../full-cluster-tf-upgrade/cluster-roles/deployer.iam.tf  | 7 +++++--
 examples/full-cluster/cluster-roles/deployer.iam.tf        | 5 ++++-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/examples/full-cluster-tf-upgrade/cluster-roles/deployer.iam.tf b/examples/full-cluster-tf-upgrade/cluster-roles/deployer.iam.tf
index 11d0e51..204b4d1 100644
--- a/examples/full-cluster-tf-upgrade/cluster-roles/deployer.iam.tf
+++ b/examples/full-cluster-tf-upgrade/cluster-roles/deployer.iam.tf
@@ -20,7 +20,10 @@ module "service_cicd_deployer" {
   service_account     = true
   enable_sending_mail = false
   create_access_keys  = false
-  attached_policies   = flatten(concat([for k, v in data.aws_iam_policy.cicd_deployer_policies : v.arn], [aws_iam_policy.cicd_deployer.arn]))
+  profile             = var.profile
+  pgp_key_file        = "./init/tf-gpg-key.b64"
+
+  attached_policies = flatten(concat([for k, v in data.aws_iam_policy.cicd_deployer_policies : v.arn], [aws_iam_policy.cicd_deployer.arn]))
 
   tags = merge(
     local.base_tags,
@@ -29,7 +32,7 @@ module "service_cicd_deployer" {
   )
 }
 module "role_cicd_deployer" {
-  source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git?ref=tf-upgrade"
+  source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git"
 
   role_name              = local.role_cicd_k8s_group_name
   role_description       = "Role for EKS cluster ${var.cluster_name} for access by ${var.cicd_k8s_group_name}"
diff --git a/examples/full-cluster/cluster-roles/deployer.iam.tf b/examples/full-cluster/cluster-roles/deployer.iam.tf
index 13f4192..204b4d1 100644
--- a/examples/full-cluster/cluster-roles/deployer.iam.tf
+++ b/examples/full-cluster/cluster-roles/deployer.iam.tf
@@ -20,7 +20,10 @@ module "service_cicd_deployer" {
   service_account     = true
   enable_sending_mail = false
   create_access_keys  = false
-  attached_policies   = flatten(concat([for k, v in data.aws_iam_policy.cicd_deployer_policies : v.arn], [aws_iam_policy.cicd_deployer.arn]))
+  profile             = var.profile
+  pgp_key_file        = "./init/tf-gpg-key.b64"
+
+  attached_policies = flatten(concat([for k, v in data.aws_iam_policy.cicd_deployer_policies : v.arn], [aws_iam_policy.cicd_deployer.arn]))
 
   tags = merge(
     local.base_tags,