From 93ff54b017ff293401ccefb9a8566abb6d968362 Mon Sep 17 00:00:00 2001 From: "Jeffrey Jonathan Jennings (J3)" Date: Sat, 31 Aug 2024 08:05:35 -0400 Subject: [PATCH] Resolved #13. --- README.md | 8 ++++---- confluent-resources.tf | 4 ++-- providers.tf | 4 ++-- variables.tf | 10 +++++----- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 50b26d5..673f04e 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # IaC Confluent API Key Rotation Terraform module -This Terraform [module](https://developer.hashicorp.com/terraform/language/modules) is designed to manage the creation and rotation of Confluent Cloud Resource [API Keys](https://docs.confluent.io/cloud/current/access-management/authenticate/api-keys/api-keys.html). The key rotation is triggered based on the number of days since the key's creation, ensuring that keys are regularly updated for enhanced security. You can also configure the module to retain a specific number of API Keys per [Service Account](https://docs.confluent.io/cloud/current/access-management/identity/service-accounts/overview.html), giving you flexibility in how keys are managed. +This Terraform [module](https://developer.hashicorp.com/terraform/language/modules) is designed to manage the creation and rotation of Confluent [API Keys](https://docs.confluent.io/cloud/current/access-management/authenticate/api-keys/api-keys.html). The key rotation is triggered based on the number of days since the key's creation, ensuring that keys are regularly updated for enhanced security. You can also configure the module to retain a specific number of API Keys per [Service Account](https://docs.confluent.io/cloud/current/access-management/identity/service-accounts/overview.html), giving you flexibility in how keys are managed. A Terraform module is essentially a collection of [input](https://developer.hashicorp.com/terraform/language/values/variables) and [output](https://developer.hashicorp.com/terraform/language/values/outputs) variables, resources, and configuration files that encapsulate specific functionality. By defining input variables, you can customize the module's behavior without altering its source code, making it adaptable to various use cases. Output variables provide information that can be used by other modules or configurations. This modular approach not only promotes reusability and composability but also simplifies the sharing of standardized configurations across different Terraform setups, enabling more efficient and consistent infrastructure management. @@ -20,7 +20,7 @@ A Terraform module is essentially a collection of [input](https://developer.hash 1. Take care of the cloud environment prequisities listed below: > You need to have the following cloud accounts: - > - [Confluent Cloud Account](https://confluent.cloud/) + > - [Confluent Account](https://confluent.cloud/) > - [GitHub Account](https://github.com) *with OIDC configured for AWS* > - [Terraform Cloud Account](https://app.terraform.io/) @@ -50,8 +50,8 @@ A Terraform module is essentially a collection of [input](https://developer.hash d. **Pass Input Variables:** Within the same module block, pass the required input variables by defining them as key-value pairs: Input Variable|Variable Required|Description -|-|- - `confluent_cloud_api_key`|Yes|Specifies the Confluent Cloud API Key (also referred as Cloud API ID) - `confluent_cloud_api_secret`|Yes|Specifies the Confluent Cloud API Secret + `confluent_api_key`|Yes|Specifies the Confluent API Key (also referred as Cloud API ID) + `confluent_api_secret`|Yes|Specifies the Confluent API Secret `day_count`|No|[_Defaults to 30 days_] Specifies how many day(s) should the API Key be rotated for `number_of_api_keys_to_retain`|No|[_Defaults to 2 API Keys_] Specifies the number of API Keys to retain `key_display_name`|No|[_Defaults to a display name with current date_] Specifies the name of the human-readable name for the API Key diff --git a/confluent-resources.tf b/confluent-resources.tf index 960f710..7b3dd1b 100644 --- a/confluent-resources.tf +++ b/confluent-resources.tf @@ -1,9 +1,9 @@ -# Create the Confluent Cloud Resouce API Key Pair based on the service account from the Confluent Cloud Resource +# Create the Confluent Resouce API Key Pair based on the service account from the Confluent Resource # (e.g., Kafka Cluster or Schema Registry) resource "confluent_api_key" "resouce_api_key" { count = var.number_of_api_keys_to_retain display_name = replace(var.key_display_name, "{date}", time_static.api_key_rotations[count.index].rfc3339) - description = "Creation of the Confluent Cloud Resource API Key managed by Terraform Cloud using Confluent Cloud Resource API Key Rotation Module" + description = "Creation of the Confluent Resource API Key managed by Terraform Cloud using Confluent API Key Rotation Module" owner { id = var.owner.id diff --git a/providers.tf b/providers.tf index 78ce241..e1d13da 100644 --- a/providers.tf +++ b/providers.tf @@ -1,4 +1,4 @@ provider "confluent" { - cloud_api_key = var.confluent_cloud_api_key - cloud_api_secret = var.confluent_cloud_api_secret + cloud_api_key = var.confluent_api_key + cloud_api_secret = var.confluent_api_secret } diff --git a/variables.tf b/variables.tf index feaa89b..1b69068 100644 --- a/variables.tf +++ b/variables.tf @@ -1,10 +1,10 @@ -variable "confluent_cloud_api_key" { - description = "Confluent Cloud API Key (also referred as Cloud API ID)." +variable "confluent_api_key" { + description = "Confluent API Key (also referred as Cloud API ID)." type = string } -variable "confluent_cloud_api_secret" { - description = "Confluent Cloud API Secret." +variable "confluent_api_secret" { + description = "Confluent API Secret." type = string sensitive = true } @@ -34,7 +34,7 @@ variable "number_of_api_keys_to_retain" { variable "key_display_name" { description = "A descriptive name for the API key." type = string - default = "Confluent Cloud Service Account API Key - {date} - Managed by Terraform Confluent" + default = "Confluent Service Account API Key - {date} - Managed by Terraform Confluent" } variable "owner" {