From 608545603c3aa0f5447b646b8d3bde7e777da77a Mon Sep 17 00:00:00 2001 From: william Falconer Date: Wed, 13 Oct 2021 11:07:34 +0100 Subject: [PATCH 1/2] remove existing key as this is not correct. --- terraform/account/credentials.tf | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/terraform/account/credentials.tf b/terraform/account/credentials.tf index 38d406c906..9c02b3d19b 100644 --- a/terraform/account/credentials.tf +++ b/terraform/account/credentials.tf @@ -25,6 +25,15 @@ provider "aws" { } } +provider "aws" { + alias = "eu_west_2" + region = "eu-west-2" + assume_role { + role_arn = "arn:aws:iam::${local.account_id}:role/${var.default_role}" + session_name = "terraform-session" + } +} + provider "aws" { alias = "us_east_1" region = "us-east-1" From 0ebcf2cf9d51591ab164f18bd48ad60f5f53339c Mon Sep 17 00:00:00 2001 From: william Falconer Date: Wed, 13 Oct 2021 11:07:49 +0100 Subject: [PATCH 2/2] remove single region key used for testing --- terraform/account/put_secrets.tf | 9 --------- 1 file changed, 9 deletions(-) diff --git a/terraform/account/put_secrets.tf b/terraform/account/put_secrets.tf index d3b431cc26..d44de2b04b 100644 --- a/terraform/account/put_secrets.tf +++ b/terraform/account/put_secrets.tf @@ -2,15 +2,6 @@ resource "aws_kms_key" "secrets_encryption_key" { enable_key_rotation = true } -resource "aws_kms_key" "rds_snapshot_cross_region_encryption_key" { - enable_key_rotation = true -} - -resource "aws_kms_alias" "rds_snapshot_cross_region_encryption" { - target_key_id = aws_kms_key.rds_snapshot_cross_region_encryption_key.key_id - name = "alias/rds-snapshot-cross-region-encryption-key" -} - # common resource "aws_secretsmanager_secret" "opg_lpa_common_admin_accounts" { name = "${local.account_name}/opg_lpa_common_admin_accounts"