Commit

Merge pull request #272 from DFE-Digital/feature/storage-secret
Added storage account connection string secret.
RobertGHippo authored Jul 26, 2024
2 parents 36db3fb + a0bb087 commit 8e66367
Showing 4 changed files with 16 additions and 1 deletion.
1 change: 1 addition & 0 deletions terraform/main.tf
Expand Up @@ -58,6 +58,7 @@ module "storage" {

location = var.azure_region
resource_group = azurerm_resource_group.rg.name
kv_id = module.network.kv_id
tags = local.common_tags
}
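
Review bot: in the `module "storage"` block, `kv_id = module.network.kv_id` hands over only the vault ID, which orders the new secret after the vault itself but not after whatever grants the deploying identity permission to set secrets in it. If that grant is a separate resource inside the network module, a first apply can attempt the secret write before the permission exists; consider exposing the grant as a module output to depend on, or adding `depends_on = [module.network]` to this module block.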

2 changes: 2 additions & 0 deletions terraform/modules/azure-storage/README.md
Expand Up @@ -22,6 +22,7 @@ No modules.

| Name | Type |
|------|------|
| [azurerm_key_vault_secret.storage_connection_string](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
| [azurerm_storage_account.sa](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account) | resource |
| [azurerm_storage_container.data_protection](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container) | resource |
| [random_string.resource_code](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
Expand All @@ -30,6 +31,7 @@ No modules.

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_kv_id"></a> [kv\_id](#input\_kv\_id) | The ID of the Key Vault | `string` | n/a | yes |
| <a name="input_location"></a> [location](#input\_location) | Name of the Azure region to deploy resources | `string` | n/a | yes |
| <a name="input_resource_group"></a> [resource\_group](#input\_resource\_group) | Name of the Azure Resource Group to deploy resources | `string` | n/a | yes |
| <a name="input_tags"></a> [tags](#input\_tags) | Resource tags | `map(string)` | n/a | yes |
7 changes: 7 additions & 0 deletions terraform/modules/azure-storage/storage.tf
Expand Up @@ -60,3 +60,10 @@ resource "azurerm_storage_container" "data_protection" {

#checkov:skip=CKV2_AZURE_21:Logging not required
}

resource "azurerm_key_vault_secret" "storage_connection_string" {
name = "Storage--ConnectionString"
value = azurerm_storage_account.sa.primary_connection_string
key_vault_id = var.kv_id
}
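
Review bot: `azurerm_key_vault_secret.storage_connection_string` sets only `name`, `value` and `key_vault_id`, so the secret is created with no `content_type` and no `expiration_date`. Because `value` is `primary_connection_string`, which embeds the storage account access key, suggest adding both attributes so the secret is identifiable as a connection string and carries a rotation deadline. The same value is also recorded in the Terraform state, so access to the state backend should be as restricted as access to the vault.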

7 changes: 6 additions & 1 deletion terraform/modules/azure-storage/variables.tf
Expand Up @@ -8,7 +8,12 @@ variable "resource_group" {
type = string
}

variable "kv_id" {
description = "The ID of the Key Vault"
type = string
}

variable "tags" {
description = "Resource tags"
type = map(string)
}
}
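
Review bot: the new `kv_id` variable accepts any string, and its description, "The ID of the Key Vault", does not say what the module does with the vault. Suggest stating that the storage connection string secret is written there, and adding a `validation` block that rejects values that are not a Key Vault resource ID so a wrong ID is caught before the secret write is attempted.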
