add state and remove unused params

Altinn · Jul 22, 2024 · 73dee31 · 73dee31
1 parent 2bcd854
commit 73dee31
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 28 deletions.
diff --git a/infrastructure/modules/key_vault/main.tf b/infrastructure/modules/key_vault/main.tf
@@ -37,10 +37,9 @@ resource "azurerm_key_vault" "key_vault" {
 
 # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment
 resource "azurerm_role_assignment" "key_vault_administrator" {
-  scope                            = azurerm_key_vault.key_vault.id
-  principal_id                     = data.azurerm_client_config.current.object_id
-  role_definition_name             = data.azurerm_role_definition.key_vault_administrator.name
-  skip_service_principal_aad_check = true
+  scope                = azurerm_key_vault.key_vault.id
+  principal_id         = data.azurerm_client_config.current.object_id
+  role_definition_name = data.azurerm_role_definition.key_vault_administrator.name
 }
 
 # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint

diff --git a/infrastructure/modules/postgres_server/main.tf b/infrastructure/modules/postgres_server/main.tf
@@ -9,7 +9,6 @@ data "azurerm_role_definition" "key_vault_crypto_officer" {
   role_definition_id = "14b46e9e-c2b7-41b4-b07b-48a6ebf60603"
 }
 
-
 # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/user_assigned_identity
 resource "azurerm_user_assigned_identity" "postgres_server" {
   name                = "mipsqlsrv${var.metadata.suffix}"
@@ -25,6 +24,7 @@ resource "azurerm_role_assignment" "key_vault_crypto_officer" {
   skip_service_principal_aad_check = true
 }
 
+# https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server
 resource "azurerm_postgresql_flexible_server" "postgres_server" {
   name                = "psqlsrv${var.metadata.suffix}"
   resource_group_name = data.azurerm_resource_group.postgres_server.name
@@ -35,16 +35,13 @@ resource "azurerm_postgresql_flexible_server" "postgres_server" {
   private_dns_zone_id           = var.dns_zone
   public_network_access_enabled = false
 
-  administrator_login    = "psqladmin"
-  administrator_password = random_password.administrator_password.result
-  zone                   = "1"
-
+  zone              = "1"
   storage_mb        = var.storage_mb
   auto_grow_enabled = true
 
   authentication {
     active_directory_auth_enabled = true
-    password_auth_enabled         = true
+    password_auth_enabled         = false
     tenant_id                     = data.azurerm_client_config.current.tenant_id
   }
 
@@ -62,19 +59,6 @@ resource "azurerm_postgresql_flexible_server" "postgres_server" {
   sku_name     = "GP_Standard_D4s_v3"
 }
 
-# https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password
-resource "random_password" "administrator_password" {
-  length = 30
-}
-
-# https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret
-resource "azurerm_key_vault_secret" "administrator_password" {
-  name         = "Postgres--AdminPassword"
-  content_type = "text/plain"
-  key_vault_id = var.key_vault_id
-  value        = random_password.administrator_password.result
-}
-
 # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key
 resource "azurerm_key_vault_key" "postgres_server" {
   name         = "Postgres"

diff --git a/infrastructure/shared/main.tf b/infrastructure/shared/main.tf
@@ -10,9 +10,9 @@ terraform {
     }
   }
 
-  # backend "azurerm" {
-  #   use_azuread_auth = true
-  # }
+  backend "azurerm" {
+    use_azuread_auth = true
+  }
 }
 
 locals {
@@ -88,7 +88,7 @@ module "service_bus" {
   subnet_id              = module.vnet.subnets["default"].id
   permitted_ip_addresses = [module.nat.ip]
 
-  depends_on = [azurerm_resource_group.authorization]
+  depends_on = [azurerm_resource_group.authorization, module.key_vault]
 }
 
 module "postgres_server" {
@@ -99,4 +99,6 @@ module "postgres_server" {
   dns_zone     = module.dns.zones["postgres"].id
   key_vault_id = module.key_vault.id
   subnet_id    = module.vnet.subnets["postgres"].id
+
+  depends_on = [azurerm_resource_group.authorization, module.key_vault]
 }
diff --git a/infrastructure/shared/variables.tf b/infrastructure/shared/variables.tf
@@ -5,7 +5,7 @@ variable "location" {
 
 variable "instance" {
   type    = string
-  default = "002"
+  default = "001"
 }
 
 variable "environment" {