-
Notifications
You must be signed in to change notification settings - Fork 0
/
aws.tf
30 lines (21 loc) · 797 Bytes
/
aws.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
# Retrieves secrets from AWS secrets manager
data aws_secretsmanager_secret this {
for_each = (local.aws_is_up ? { for name in local.names.aws : name => null } : {})
name = each.key
}
#----
data aws_secretsmanager_secret_version this {
for_each = (local.aws_is_up ? { for name in local.names.aws : name => null } : {})
secret_id = data.aws_secretsmanager_secret.this[each.key].id
}
#----
locals {
aws_is_up = contains(var.stores, "aws")
aws_map = (local.aws_is_up ? {
for nk, secret in local.name_key_map.aws : "aws:${nk}" =>
(secret.has_key ?
lookup(jsondecode(data.aws_secretsmanager_secret_version.this[secret.name].secret_string)
, secret.key, null)
: data.aws_secretsmanager_secret_version.this[secret.name].secret_string)
} : {})
}