Skip to content

[DEV-13689] Add vault integration to lambda #519

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ltellesfl wants to merge 2 commits into
base: main
Choose a base branch
from
Open

[DEV-13689] Add vault integration to lambda #519

ltellesfl wants to merge 2 commits into from

Conversation

@ltellesfl
Copy link
Contributor

@ltellesfl ltellesfl commented Dec 23, 2025

No description provided.

NathanOkolita
NathanOkolita reviewed Dec 26, 2025
View reviewed changes
application.tf
environment = var.load_environment == "" ? local.environment : lower(var.load_environment)
lambda_sns_forwarder_enabled = var.lambda_sns_forwarder_enabled
lambda_sns_forwarder_iam_principal_arn = local.environment_lambda_sns_forwarder_iam_principal_arn
aws_access_key = var.aws_access_key
Copy link
Contributor

@NathanOkolita NathanOkolita Dec 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are these being passed in?

Copy link
Contributor Author

@ltellesfl ltellesfl Dec 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

vault aws integration requires to setup aws credentials for the account

NathanOkolita
NathanOkolita reviewed Dec 26, 2025
View reviewed changes
modules/common/vault-secrets-operator-setup/operator-setup.tf
}
}
provisioner "local-exec" {
command = "./vault write auth/aws/${local.account_region_name}/config/client secret_key=${var.aws_secret_key} access_key=${var.aws_access_key}"
Copy link
Contributor

@NathanOkolita NathanOkolita Dec 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm very uncomfortable with this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@NathanOkolita NathanOkolita NathanOkolita left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ltellesfl @NathanOkolita