diff --git a/infra/terraform/modules/service/README.md b/infra/terraform/modules/service/README.md index 426e6013cb..c142a6fb26 100644 --- a/infra/terraform/modules/service/README.md +++ b/infra/terraform/modules/service/README.md @@ -42,6 +42,7 @@ | [aws_cloudfront_log_delivery_canonical_user_id.cloudfront](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/cloudfront_log_delivery_canonical_user_id) | data source | | [aws_route53_zone.public](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route53_zone) | data source | | [aws_s3_bucket.assets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source | +| [aws_secretsmanager_secret.application_api](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/secretsmanager_secret) | data source | ## Inputs diff --git a/infra/terraform/modules/service/batch.tf b/infra/terraform/modules/service/batch.tf index 2313a3069a..e1db80702c 100644 --- a/infra/terraform/modules/service/batch.tf +++ b/infra/terraform/modules/service/batch.tf @@ -1,5 +1,9 @@ data "aws_caller_identity" "current" {} +data "aws_secretsmanager_secret" "application_api" { + name = "DEVAPP${var.legacy_environment}-BASE-SM-APPLICATION-API" +} + locals { default_retry_policy = { attempts = 1 @@ -57,7 +61,7 @@ locals { secrets = [ { name = "DB_PASSWORD" - valueFrom = "${var.batch.api_secret_file}:olcs_api_rds_password::" + valueFrom = "${data.aws_secretsmanager_secret.application_api.arn}:olcs_api_rds_password:::" }, ] } @@ -87,7 +91,7 @@ locals { secrets = [ { name = "DB_PASSWORD" - valueFrom = "${var.batch.api_secret_file}:olcs_api_rds_password::" + valueFrom = "${data.aws_secretsmanager_secret.application_api.arn}:olcs_api_rds_password:::" }, ] } @@ -327,4 +331,4 @@ module "sns_batch_failure" { resource "aws_cloudwatch_log_group" "this" { name = "/aws/batch/vol-app-${var.environment}" retention_in_days = 1 -} \ No newline at end of file +}