diff --git a/google-workspace.tf b/google-workspace.tf
index 5ea966a..ea5f4f4 100644
--- a/google-workspace.tf
+++ b/google-workspace.tf
@@ -7,7 +7,7 @@ provider "google" {
 module "worklytics_connectors_google_workspace" {
- source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-google-workspace?ref=v0.4.57"
+ source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-google-workspace?ref=v0.4.58"
 providers = {
 google = google.google_workspace
diff --git a/main.tf b/main.tf
index e856d6b..0c7aefe 100644
--- a/main.tf
+++ b/main.tf
@@ -20,7 +20,7 @@ terraform {
 # general cases
 module "worklytics_connectors" {
- source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors?ref=v0.4.57"
+ source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors?ref=v0.4.58"
 enabled_connectors = var.enabled_connectors
 jira_cloud_id = var.jira_cloud_id
@@ -99,12 +99,12 @@ locals {
 }
 module "psoxy" {
- source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-host?ref=v0.4.57"
+ source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-host?ref=v0.4.58"
 environment_name = var.environment_name
 aws_account_id = var.aws_account_id
 aws_ssm_param_root_path = var.aws_ssm_param_root_path
- aws_secrets_manager_path = var.aws_secrets_manager_path
+ aws_secrets_manager_path = coalesce(var.aws_secrets_manager_path, "${var.environment_name}_")
 psoxy_base_dir = var.psoxy_base_dir
 deployment_bundle = var.deployment_bundle
 install_test_tool = var.install_test_tool
@@ -156,7 +156,7 @@ locals {
 module "connection_in_worklytics" {
 for_each = local.all_instances
- source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-aws?ref=v0.4.57"
+ source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-aws?ref=v0.4.58"
 psoxy_instance_id = each.key
 worklytics_host = var.worklytics_host
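Review bot: The new `coalesce(var.aws_secrets_manager_path, "${var.environment_name}_")` argument in `module "psoxy"` (main.tf, hunk at line 99) changes the effective secret path for every deployment that left `aws_secrets_manager_path` unset, and because `coalesce` skips empty strings as well as null, an explicit `""` can no longer be used to keep secrets un-prefixed. If the aws-host module derives secret names from this path, which the hunk does not show, an existing deployment using `aws_secrets_manager` would presumably see its secrets planned for replacement, so the plan output should be checked before apply and any externally populated secret values carried over. The line would benefit from a comment stating the intent, for example `# default to an environment-scoped prefix so secrets of separate deployments in one account stay distinct; "" is treated as unset`. The `module "psoxy"` block continues past the end of the hunk.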
diff --git a/msft-365.tf b/msft-365.tf
index 69392ca..fc0f277 100644
--- a/msft-365.tf
+++ b/msft-365.tf
@@ -1,7 +1,7 @@
 # BEGIN MSFT
 module "worklytics_connectors_msft_365" {
- source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-msft-365?ref=v0.4.57"
+ source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-msft-365?ref=v0.4.58"
 enabled_connectors = var.enabled_connectors
 environment_id = var.environment_name
@@ -45,7 +45,7 @@ data "aws_region" "current" {
 module "cognito_identity_pool" {
 count = local.msft_365_enabled ? 1 : 0 # only provision identity pool if MSFT-365 connectors are enabled
- source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-pool?ref=v0.4.57"
+ source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-pool?ref=v0.4.58"
 developer_provider_name = local.developer_provider_name
 name = "${local.env_qualifier}-azure-ad-federation"
@@ -67,7 +67,7 @@ locals {
 module "cognito_identity" {
 count = local.msft_365_enabled ? 1 : 0 # only provision identity pool if MSFT-365 connectors are enabled
- source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-identity-cli?ref=v0.4.57"
+ source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-identity-cli?ref=v0.4.58"
 aws_region = data.aws_region.current.id
 aws_role = var.aws_assume_role_arn
@@ -103,7 +103,7 @@ locals {
 module "msft_connection_auth_federation" {
 for_each = local.provision_entraid_apps ? local.enabled_to_entraid_object : local.shared_to_entraid_object
- source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.57"
+ source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.58"
 application_object_id = each.value.connector_id
 display_name = "${local.env_qualifier}AccessFromAWS"
diff --git a/variables.tf b/variables.tf
index da0aa4f..77c5b88 100644
--- a/variables.tf
+++ b/variables.tf
@@ -75,6 +75,11 @@ variable "secrets_store_implementation" {
 type = string
 description = "one of 'aws_ssm_parameter_store' (default) or 'aws_secrets_manager'"
 default = "aws_ssm_parameter_store"
+
+ validation {
+ error_message = "The `secrets_store_implementation` value must be one of 'aws_ssm_parameter_store' or 'aws_secrets_manager'."
+ condition = var.secrets_store_implementation == "aws_ssm_parameter_store" || var.secrets_store_implementation == "aws_secrets_manager"
+ }
 }
 variable "project_aws_kms_key_arn" {
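Review bot: The `validation` block added to `variable "secrets_store_implementation"` repeats the two allowed values in the description, the error message and a chained `==` condition, so adding a third store would need three coordinated edits. A membership test keeps the list in one place: `condition = contains(["aws_ssm_parameter_store", "aws_secrets_manager"], var.secrets_store_implementation)`. Placing `condition` before `error_message` would also follow the usual ordering in Terraform configurations. Rejecting unknown values at plan time is a sound choice, since a mistyped store name could otherwise reach whatever logic decides where secrets are kept.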