-
Notifications
You must be signed in to change notification settings - Fork 1
Description
What is the problem this feature will solve?
Currently there are some pre-requisite resources that need to be provisioned before applying the source and destination modules.
in destination:
kms_keyfor encrypting the vault
in source:
bootstrap_kms_key_arnfor encrypting the alerts SNS queuereports_bucketfor dropping reports into
Someone correct me if I'm wrong, but I believe we can include all of those in the modules so they're created on apply, rather than have them passed in as variables. The two keys aren't ones that we want to manage manually, and we ideally want the reports_bucket to be in a predictable place to make #7 tractable.
What is the feature that you are proposing to solve the problem?
Add the above resources to the source and destination modules.
What alternatives have you considered?
It's not clear to me why it makes sense in CSMS to pass these variables in. I'm sure the reasoning is valid in that context, but I think it's worth knowing whether that logic is generally applicable or whether we can lower the barrier to entry here.
Code of Conduct
- I agree to follow this project's Code of Conduct
Sensitive Information Declaration
- I confirm that neither PII/PID nor sensitive data are included in this form