diff --git a/operations/terraform/deployed_env/ecs.tf b/operations/terraform/deployed_env/ecs.tf index 86bbad8..4fd55a5 100644 --- a/operations/terraform/deployed_env/ecs.tf +++ b/operations/terraform/deployed_env/ecs.tf @@ -1,10 +1,5 @@ -resource "aws_secretsmanager_secret" "pmapi_auth" { - name = "${local.environment_name}-AuthSecret" - tags = { Environment = local.environment_name } -} - -resource "aws_secretsmanager_secret" "pmapi_db_conn_string" { - name = "${local.environment_name}-DbConnString" +resource "aws_secretsmanager_secret" "pmapi" { + name = "${local.environment_name}-Config" tags = { Environment = local.environment_name } } @@ -38,12 +33,17 @@ resource "aws_ecs_task_definition" "pmapi" { { name = "AUTH_SECRET" description = "Auth secret used to hash and salt passwords." - valueFrom = aws_secretsmanager_secret.pmapi_auth.arn + valueFrom = "${aws_secretsmanager_secret.pmapi.arn}:authSecret::" }, { name = "DB_CONN_STRING" description = "Connection string with user credentials." - valueFrom = aws_secretsmanager_secret.pmapi_db_conn_string.arn + valueFrom = "${aws_secretsmanager_secret.pmapi.arn}:dbConnString::" + }, + { + name = "KNOWN_ORIGINS" + description = "Connection string with user credentials." + valueFrom = "${aws_secretsmanager_secret.pmapi.arn}:knownOrigins::" } ] } diff --git a/operations/terraform/deployed_env/iam.tf b/operations/terraform/deployed_env/iam.tf index b75cb1c..bd1e588 100644 --- a/operations/terraform/deployed_env/iam.tf +++ b/operations/terraform/deployed_env/iam.tf @@ -27,8 +27,7 @@ resource "aws_iam_role" "ecs_task" { "kms:Decrypt" ] Resource = [ - aws_secretsmanager_secret.pmapi_auth.arn, - aws_secretsmanager_secret.pmapi_db_conn_string.arn + aws_secretsmanager_secret.pmapi.arn ] } ]