Skip to content

Commit

Permalink
Merge pull request #93 from SazniMohamed/main-aug-19
Browse files Browse the repository at this point in the history 
Update AKS Firewall module to add key_vault_secrets_provider metablock only if enabled
  • Loading branch information
@Uvindu96
Uvindu96 authored Aug 19, 2024
2 parents 4cb31b1 + 915249b commit eeb1404
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 3 deletions.
7 changes: 5 additions & 2 deletions modules/azurerm/AKS-Firewall/aks_cluster.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,10 @@ resource "azurerm_kubernetes_cluster" "aks_cluster" {
outbound_type = "userDefinedRouting"
}

key_vault_secrets_provider {
secret_rotation_enabled = var.secret_rotation_enabled
dynamic "key_vault_secrets_provider" {
for_each = var.secret_rotation_enabled ? [1] : []
content {
secret_rotation_enabled = var.secret_rotation_enabled
}
}
}
2 changes: 1 addition & 1 deletion modules/azurerm/AKS-Firewall/outputs.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ output "node_resource_group" {

output "aks_key_vault_secrets_provider_identity" {
depends_on = [azurerm_kubernetes_cluster.aks_cluster]
value = azurerm_kubernetes_cluster.aks_cluster.key_vault_secrets_provider[0].secret_identity[0].object_id
value = var.secret_rotation_enabled ? azurerm_kubernetes_cluster.aks_cluster.key_vault_secrets_provider[0].secret_identity[0].object_id : null
}

output "oidc_issuer_url" {
Expand Down

0 comments on commit eeb1404

Please sign in to comment.