forked from terraform-ibm-modules/terraform-ibm-landing-zone
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsecrets_manager.tf
37 lines (31 loc) · 1.24 KB
/
secrets_manager.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
##############################################################################
# Secrets Manager
##############################################################################
resource "ibm_resource_instance" "secrets_manager" {
count = var.secrets_manager.use_secrets_manager ? 1 : 0
name = var.secrets_manager.name
service = "secrets-manager"
location = var.region
plan = "standard"
resource_group_id = var.secrets_manager.resource_group == null ? null : local.resource_groups[var.secrets_manager.resource_group]
tags = var.tags
parameters = {
kms_key = (
lookup(var.secrets_manager, "kms_key_name", null) != null
? module.key_management.key_map[var.secrets_manager.kms_key_name].id
: null
)
}
timeouts {
create = "1h"
delete = "1h"
}
depends_on = [ibm_iam_authorization_policy.policy]
}
resource "ibm_resource_tag" "secrets_manager_tag" {
count = var.secrets_manager.use_secrets_manager ? 1 : 0
resource_id = ibm_resource_instance.secrets_manager[count.index].crn
tag_type = "access"
tags = var.secrets_manager.access_tags
}
##############################################################################