Added storage account connection string secret.

DFE-Digital · Jul 26, 2024 · 7a4c74f · 7a4c74f
1 parent bd3c27b
commit 7a4c74f
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 1 deletion.
diff --git a/terraform/main.tf b/terraform/main.tf
@@ -58,6 +58,7 @@ module "storage" {
 
   location       = var.azure_region
   resource_group = azurerm_resource_group.rg.name
+  kv_id          = module.network.kv_id
   tags           = local.common_tags
 }
 

diff --git a/terraform/modules/azure-storage/storage.tf b/terraform/modules/azure-storage/storage.tf
@@ -60,3 +60,10 @@ resource "azurerm_storage_container" "data_protection" {
 
   #checkov:skip=CKV2_AZURE_21:Logging not required
 }
+
+resource "azurerm_key_vault_secret" "storage_connection_string" {
+  name         = "Storage--ConnectionString"
+  value        = azurerm_storage_account.sa.primary_connection_string
+  key_vault_id = var.kv_id
+}
+
diff --git a/terraform/modules/azure-storage/variables.tf b/terraform/modules/azure-storage/variables.tf
@@ -8,7 +8,12 @@ variable "resource_group" {
   type        = string
 }
 
+variable "kv_id" {
+  description = "The ID of the Key Vault"
+  type        = string
+}
+
 variable "tags" {
   description = "Resource tags"
   type        = map(string)
-}
+}