Skip to content

How do you think of this model for Terraform-alike? #20

Open
Open
How do you think of this model for Terraform-alike?#20
@Magicloud

Description

@Magicloud
Magicloud
opened on Oct 7, 2021
  1. Having an IAM role only for CI/CD.
  2. At starting of the job, create some AWS secrets from Amber. Restrict them for CI/CD role.
  3. Running Terraform (using data to reference to the secrets).
  4. Succeeded or not, remove all secrets from AWS.

Hence we do not have AWS secrets for long term, and we do not have secret texts in Terraform artifacts.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions