From b22aaa2d215c85688ceb5c03912f9a2226d2abad Mon Sep 17 00:00:00 2001 From: TomJKing Date: Thu, 12 Oct 2023 08:39:35 +0100 Subject: [PATCH] Remove developer role as not used on intg --- da-terraform-modules | 2 +- root_export_bucket_access.tf | 8 +------- tdr-configurations | 2 +- 3 files changed, 3 insertions(+), 9 deletions(-) diff --git a/da-terraform-modules b/da-terraform-modules index c2b9fad9..c65c877a 160000 --- a/da-terraform-modules +++ b/da-terraform-modules @@ -1 +1 @@ -Subproject commit c2b9fad96cacf15e252609ba60c3e0d3253739eb +Subproject commit c65c877a4adf208923c16a0d097848de3b3dbe0b diff --git a/root_export_bucket_access.tf b/root_export_bucket_access.tf index d8ebd5e3..3661239f 100644 --- a/root_export_bucket_access.tf +++ b/root_export_bucket_access.tf @@ -1,9 +1,7 @@ # AWS SSO groups that require access to encrypted s3 export buckets need updating with relevant decrypt permissions for KMS s3 Key locals { - aws_sso_export_bucket_access_roles = local.environment == "intg" ? [ - data.aws_ssm_parameter.aws_sso_admin_role.value, data.aws_ssm_parameter.aws_sso_developer_role.value, data.aws_ssm_parameter.aws_sso_export_role.value] : [ - data.aws_ssm_parameter.aws_sso_admin_role.value, data.aws_ssm_parameter.aws_sso_export_role.value] + aws_sso_export_bucket_access_roles = [data.aws_ssm_parameter.aws_sso_admin_role.value, data.aws_ssm_parameter.aws_sso_export_role.value] } data "aws_ssm_parameter" "aws_sso_admin_role" { @@ -14,10 +12,6 @@ data "aws_ssm_parameter" "aws_sso_export_role" { name = "/${local.environment}/export_role" } -data "aws_ssm_parameter" "aws_sso_developer_role" { - name = "/${local.environment}/developer_role" -} - module "aws_sso_export_roles_ssm_parameters" { source = "./da-terraform-modules/ssm_parameter" parameters = [ diff --git a/tdr-configurations b/tdr-configurations index b8dae266..ebee304c 160000 --- a/tdr-configurations +++ b/tdr-configurations @@ -1 +1 @@ -Subproject commit b8dae26657cf34fdf4713cda1e910379e4ee8b20 +Subproject commit ebee304cb7b7a28af9a0d65c6accf0fb1706d3ac