feat: kv permissions devs and update lightbend key PAGOPA-2047 (#2582)

* feat: kv permissions devs and update lightbend key PAGOPA-2047 * updated prod --------- Co-authored-by: Pasquale Spica <[email protected]> Co-authored-by: Francesco Cesareo <[email protected]>
pagopa · Nov 25, 2024 · 7a6a82a · 7a6a82a
1 parent 69706a8
commit 7a6a82a
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 8 deletions.
diff --git a/src/domains/fdr-secret/02_security.tf b/src/domains/fdr-secret/02_security.tf
@@ -39,7 +39,7 @@ resource "azurerm_key_vault_access_policy" "adgroup_developers_policy" {
   tenant_id = data.azurerm_client_config.current.tenant_id
   object_id = data.azuread_group.adgroup_developers.object_id
 
-  key_permissions     = ["Get", "List", "Update", "Create", "Import", "Delete", "Encrypt", "Decrypt"]
+  key_permissions     = ["Get", "List", "Update", "Create", "Import", "Delete", "Encrypt", "Decrypt", "GetRotationPolicy"]
   secret_permissions  = ["Get", "List", "Set", "Delete", ]
   storage_permissions = []
   certificate_permissions = [

diff --git a/src/domains/fdr-secret/secret/weu-prod/noedit_secret_enc.json b/src/domains/fdr-secret/secret/weu-prod/noedit_secret_enc.json
@@ -6,7 +6,7 @@
 	"azure-event-hub-re-connection-string": "ENC[AES256_GCM,data:Ht3kXEwCER0Ywcwj7C4YvM2AF5aXaJXjFsHJo6ih8FFJ6/LBqRosB/ssh803USHtK5iO/bYAOPTZEJoD9AwnBeMXV4k82nZEz3yvhT9NcFcXTM2OZuSaBMBcVdOdfylAFW5y83WHG7G/Ub9/i3t/JLhDxyLJsL1KbcWEqUXZbM5TE8ZoHqy0uf0mockV4HPafD/W33qARrDjEp29TTPkgz06nN1oXi/FNiTGSY8TkD2M6Fr2O4heu3YIurysr94T,iv:wxHPROi+P6hRSdFGJPghr1YwVrqpR4d5NvC7VE2zljQ=,tag:frl0ck+T1R5cpLXzFeFmjQ==,type:str]",
 	"azure-storage-blob-connection-string": "ENC[AES256_GCM,data:jpg8j2FYbHcuIeqN/25Q2ukgYuYGuTDK51HjfBmst9sJRUtv5VJ4pNWMjS8tcOAaMb/L/JnukvgUv7YqlzWO8lNLItmWzw5jZHuPyMGW2RYiL1cZcm2sVyp1q4m+uhAZqF5+EFRESJ2MnuxGc7tB5J3v8z2WZ9ulXofqRKmnpnfgtSHHaOFx0VVgWW2o0Kd/ecgnxtriHxUqMqLjqnkfIw8mqW553npLvttGOm+G6MDO+JEK3aWPENOe56H+mA==,iv:Qcf3Rs34pb4mvQl9hr5a1GHWozyPbDw/Np6ZSDuQqJw=,tag:87wal3s0DTwH/ipXmZD08g==,type:str]",
 	"db-fdr-password": "ENC[AES256_GCM,data:qceDz2X48LN+3c+kZzlcuA==,iv:dCGPk3p36F/nnWFw11fOvV4hV0Oi6WychjacLyzdIJo=,tag:Nu24Z5gD/1boI+zOUIvOvQ==,type:str]",
-	"lightbend-key": "ENC[AES256_GCM,data:xAYfI85G2uQyyTKTpz55Nj9yxD6l+nFoikvEcy+jwGgBX6yeXFtlFM791IlNYD+9,iv:nBv7JmYR/GcfbjRZm1rJUF+tA1kv14YxZLRliX8DOhE=,tag:h/NJ0Us5ibiGbGssAnp+4Q==,type:str]",
+	"lightbend-key": "ENC[AES256_GCM,data:ssbj7bnhDa87T/Q/ZbzgTBgvxyy7hVgaLvBuU0Tiw9Q8vDb/qAUuiaOzVzkhY61r,iv:EVWrdav0c7uMKH7/UeWDh72HmZil6e/bTFxxAWpfqEM=,tag:dM6puQfGdoHwdPfBZqp/PQ==,type:str]",
 	"mongodb-connection-string": "ENC[AES256_GCM,data:g/KHQmISski4kXtTvU92tzkBNzDrlsZeRpylRH33U+f53YSDTE/t3xwDsaZY+n2LStXxDMV6euPkW1gD4lSAL50T7cDu1wce1eHdveo7MW7IXie7hha574G1+xuJzqT/1GPBaVyURvAk20QcGIJOfl5Wn5KkEBaa52kCy6ZszPpPWfoVpSt2kjuwyGgSMD7jKI6Rf4gdn9QMwrJDmJ1OU4BtEffbTt004d3NaLyV66dlM1ACKUv1CSarcPy/Tp3VssPsyIbcf93w/A1hNbj78lc3tjK9oGyfhoaYaiZcVhXtD5Dkxi5dPysHHtHiQX28z7hGVLUIfXpQ337xwUACyR9BuxEQjQnbhq3gnwFEKEGoptEJY7JtmWZe/sBzs1h8LHs71niO1xP+7wO8eKk=,iv:q/Nxh7mrOuZ/Bk0XCMMBKA7B9Pluogp6WDf/a9ukzjI=,tag:csjWZidDj0u87rmVe/YUGQ==,type:str]",
 	"otel-auth-bearer": "ENC[AES256_GCM,data:RhRPycaxl8o+dAii6iLjjX8NnuiOyifpEtCY1+/oDYSgt9bykgzfab41UtdcuZd59ZUvKF1DmAI2kVcBNyXq0hSxdHtcYeiPe5nqqfngkNG7ZfXH3rqEJOwzsl40jFHUMd2x8xMCWpeQL6XGSFnI,iv:1BlXtjfv8439QdNebmK2oOZKsRwO997XnNCHJ1G80Ls=,tag:Kh8ti3OyPPDAKnpxvRXRXQ==,type:str]",
 	"fdr-sa-connection-string": "ENC[AES256_GCM,data:k+B4p42GftYJVIUMcdxqLdMXY2A/x1sq0pS2kFxQMqqmmnV5SOaYoa8EtMUX0RwMSjEEjF2VQxCIUATmXd+kEQaD88/ZqgTNHqQ/vx+kce+n5ya72Fpq+5Aqwk3if9D2vDzM/+Rmi24EcJ+mY7Hegs05nIA2ytvDwz6eQ7jtb6vHIl80PMORPPv+bBxZ/F3Zw0nRJIPPQcztNpnOi/tAOn7dOBwO69j/BTlFPoQsPP6Bf3odUY3I/asE8NTSSg==,iv:ggb9uRvCLWQNcn1n/StPMguKxN+YDtKlXQtT7mzoE4A=,tag:m7B0uo6fUCSzWilq0rcq0w==,type:str]",
@@ -29,8 +29,8 @@
 		],
 		"hc_vault": null,
 		"age": null,
-		"lastmodified": "2024-05-20T16:31:54Z",
-		"mac": "ENC[AES256_GCM,data:rd6pa2SZbmKa6YnPR3MutFXeXgjIQCDlxDZPkVu8RA1f7csfHHr6dB4M5KVrqH19VMYiGnsMJugvKZKlLfqXPQ1iAZF2+Kgt4epxHHQWLtn0Uwh+Q9/J5siAPeC0E3iDFDzkKynFIHNIPplpu9SN3JmUobEhmiYPP+Nb5Bhl1sw=,iv:exvpgIB2j/0L+GZ11PEbTJG0Z3oUCH2YJOIpMu9A20w=,tag:IMHF+bN/YFPNe29R9uf5Yg==,type:str]",
+		"lastmodified": "2024-11-25T20:38:47Z",
+		"mac": "ENC[AES256_GCM,data:D1BpYYChff0INiVVtc3RJT/onDWv966Fd7F64XU3EqPjgpenM7lI42nr/4QDECWLWQ5ulaRSKdJhvhT9vAWKKY+ON5glYgM6kFZNNtMvUJoAlASBGN3JtEIKRB1cxpxlYWq0lMnUuEfhK7Q9rC8kPdSdIOinOXsrs/Ru9Y2rnWo=,iv:22KHvd6AP5kEoKqiaEgOiVcaDfuQeM3xY/8VGMgV3kI=,tag:ev7Xx5eFrGmzyQLkCcPeZA==,type:str]",
 		"pgp": null,
 		"unencrypted_suffix": "_unencrypted",
 		"version": "3.7.3"

diff --git a/src/domains/fdr-secret/secret/weu-uat/noedit_secret_enc.json b/src/domains/fdr-secret/secret/weu-uat/noedit_secret_enc.json
@@ -4,7 +4,7 @@
 	"ai-connection-string": "ENC[AES256_GCM,data:ihdPVzwEP1jdNE80b1U/lzxAEh/m5Wre22CtR2KRQNJe+eFkt36pjEvqyrZ/EgLyX6L7ifHXm0F1S0U1qsPvW+ezkPBOYWKxTkudnniUoG4TH2/gxNht8WRZpcq+3UKk2ri59sNWPRTNdE6om9IkNSG/2a+DiJKHe5szcty0LMUyTwAHd9odMzZ+14nI1ymlVAt9BRXG+1/F8oUknk0RzF65oUtB00ns3zu5v+kl3WLLzKSBLBh6nw88jfoJDU/ZCtd0,iv:O0pzBe4dHRXWHXmj2WcSTjwHdA4iEHgj8YDjwf5Sk2c=,tag:qp1yn1UkknbWBEb5JpOGsg==,type:str]",
 	"api-config-cache-subscription-key-string": "ENC[AES256_GCM,data:UQHPGVyAvjOZvSrKawbDTSy2qnUDWWZ7J5c8NyS01Fo=,iv:RkCD9v3vGeLGkaJkY6dr3vTcBKpYLyawA8iLePl+G/0=,tag:KjWFHcmhzWLWCyR7LpgbAA==,type:str]",
 	"db-fdr-password": "ENC[AES256_GCM,data:mAhAXUHHCZo=,iv:Xj3lKhVVp5g148J9wIiJC5mxOCtUtp0aEo/HXiaBSpc=,tag:vD4Q3ZNhlDDLe1kmm++vWg==,type:str]",
-	"lightbend-key": "ENC[AES256_GCM,data:LeotLyLzhms8xQWnF6MD04MeJ5Lq9DX8eNrdv5w0UO1ysH0Sb3qvb8em8Ri8kuIP,iv:6/UM8jGXm7FIGpRLYFl+UeWB/azY3slHgf+pAfjoJ9E=,tag:YmT/JaDj9OWDb+K4ibN2Dg==,type:str]",
+	"lightbend-key": "ENC[AES256_GCM,data:X1DhXLbezR7uMGEN+Usl9j1tTYPmDnp1J1jqUSJEJvQCEGLBypLulN8U+RcGUKKK,iv:NRpg8vQHaB+h/GhLOjqBwoYiq/DadPSkeqr/DVVBZaM=,tag:lOO0N1aPMM1dgqp/HioB4A==,type:str]",
 	"otel-auth-bearer": "ENC[AES256_GCM,data:QR3yEM4nVQ+DNizmff1x5+UjDaY4vKz3Imu2g/t6qDG8361puCF8/4WumdgYJhNs0LuAOAGEHE7b9yYq10IB47KB5Uoac5SgvWiy82hkzPbj66EsMBpnu3VpRL2+9b6fMybNgdq6WCfSB37VZn3b,iv:fKEyyGHrNcFJ8EnR+G1wgSRvWcMW6bhbq838bKi/3gU=,tag:kejlnVORdXWIS4IrOag7Sg==,type:str]",
 	"fdr-subscription-key-string": "ENC[AES256_GCM,data:x1khv1tZZnt5Jzpx4id86rGkLZxkybU5Z7z++do8SHo=,iv:gBF8kEb9uX/CA9aSJ1vpjZYzM2hACjXQAFC3hvuquc8=,tag:u+a2s676sJOL57sVPjVkjw==,type:str]",
 	"fdr-internal-product-subscription-key": "ENC[AES256_GCM,data:SqtzA74AgVnq5USwn0K5YwLO3zBYSK/oFJD17N/kKHc=,iv:RKBWEetrdVhpROZ1KsqRj+/hsIW5Wz6vLcQ9sfmH8Vo=,tag:/6cgPgDjlyP65I2qWz39Dw==,type:str]",
@@ -25,10 +25,10 @@
 		],
 		"hc_vault": null,
 		"age": null,
-		"lastmodified": "2024-05-15T16:50:58Z",
-		"mac": "ENC[AES256_GCM,data:DW7ExjPXj7NpfJuuwY7wTnHwGxhaOlfANLr2gqujNdyol9pe6iGsQzQ8yleDftvt6tmqf3JbiXgU/hoB4E2U7C3ZuTiWtQFZXYWDV024sG7Y+92XFCIfAShHfPDFsSj2eRUwEnpiFHZt1k8zbphv4ZKJ8FhZCaS8lLETJ95BUGM=,iv:pknrNCljonnf2wbbPSOurc2ziq/mv1zw4K87P93Xb3A=,tag:RLBFxe598mh4F/LJmRfwcw==,type:str]",
+		"lastmodified": "2024-11-22T09:12:13Z",
+		"mac": "ENC[AES256_GCM,data:7IvoG4lJEFNi5U2evDH8oK4rZ8nuBl74zG9zNpGznnJfm++umZCPyFH+qRiagnvgE3LrX5z/QXc56nYcIH+MAfaP3cmhx5YxuNAZbYIIXJJ5349X1xj6ysTpUjC0jU7HGfB9gpA1ST3rEDpl5oRRAVF/jw2AptZtkoC4z/jMnRQ=,iv:u8X6vzQ8kVgHl7rgesK3iq4U6ZTJHvs/BYCX2V7rTx0=,tag:tC5fZciYjDTRH/zCa2eLYA==,type:str]",
 		"pgp": null,
 		"unencrypted_suffix": "_unencrypted",
-		"version": "3.8.0"
+		"version": "3.9.0"
 	}
 }