Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

share the redirect_action_secret with experience account #330

Merged
merged 1 commit into from
Jun 20, 2022
Merged

share the redirect_action_secret with experience account #330

merged 1 commit into from
Jun 20, 2022

Conversation

melanierogan
Copy link
Contributor

@melanierogan melanierogan commented Jun 20, 2022
edited
Loading

This means AUTH0_ACTION_SECRET is shared with weco frontend and secrets can stay in sync

Terrform plan

Terraform will perform the following actions:

  # auth0_connection.sierra will be updated in-place
  ~ resource "auth0_connection" "sierra" {
      ~ enabled_clients      = [
          - "[redacted]",
            # (7 unchanged elements hidden)
        ]
        id                   = "[redacted]"
        name                 = "Sierra-Connection"
        # (4 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # aws_cloudwatch_event_rule.auth0_logs will be updated in-place
  ~ resource "aws_cloudwatch_event_rule" "auth0_logs" {
        id             = "aws.partner/auth0.com/wellcomecollection-stage-[redacted]/auth0.logs/capture-auth0-errors-stage"
      ~ is_enabled     = false -> true
        name           = "capture-auth0-errors-stage"
        tags           = {}
        # (5 unchanged attributes hidden)
    }

  # module.secrets_experience.aws_secretsmanager_secret.secret["identity/stage/redirect_action_secret"] will be created
  + resource "aws_secretsmanager_secret" "secret" {
      + arn                     = (known after apply)
      + id                      = (known after apply)
      + name                    = "identity/stage/redirect_action_secret"
      + name_prefix             = (known after apply)
      + policy                  = (known after apply)
      + recovery_window_in_days = 30
      + rotation_enabled        = (known after apply)
      + rotation_lambda_arn     = (known after apply)
      + tags_all                = {
          + "Environment"               = "stage"
          + "ManagedBy"                 = "Terraform"
          + "Project"                   = "Identity"
          + "TerraformConfigurationURL" = "https://github.com/wellcomecollection/identity/tree/main/infra/scoped"
        }

      + rotation_rules {
          + automatically_after_days = (known after apply)
        }
    }

  # module.secrets_experience.aws_secretsmanager_secret_version.secret["identity/stage/redirect_action_secret"] will be created
  + resource "aws_secretsmanager_secret_version" "secret" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + secret_id      = (known after apply)
      + secret_string  = (sensitive value)
      + version_id     = (known after apply)
      + version_stages = (known after apply)
    }

Plan: 2 to add, 2 to change, 0 to destroy.

Towards wellcomecollection/wellcomecollection.org#7896

@melanierogan melanierogan merged commit 1117bdb into main Jun 20, 2022
@alexwlchan alexwlchan deleted the fix/make-auth0-redirect-secret-available branch June 21, 2022 10:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@davidpmccormick davidpmccormick davidpmccormick approved these changes

@alexwlchan alexwlchan Awaiting requested review from alexwlchan

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@melanierogan @davidpmccormick