|
|
@@ -18,23 +18,23 @@
|
|
|
# We could specify a pgp_key attribute, and then the secret will be encrypted
|
|
|
# in both the state file and in the output. If we used the salt PGP key,
|
|
|
# no user would ever have to see the secret key.
|
|
|
-resource "aws_iam_access_key" "moose-hf-v0" {
|
|
|
+resource "aws_iam_access_key" "moose-hf-v1" {
|
|
|
user = aws_iam_user.moose-hf.name
|
|
|
}
|
|
|
|
|
|
-resource "aws_iam_access_key" "moose-hf-v1" {
|
|
|
+resource "aws_iam_access_key" "moose-hf-v2" {
|
|
|
user = aws_iam_user.moose-hf.name
|
|
|
}
|
|
|
|
|
|
output "access_keys" {
|
|
|
value = {
|
|
|
"current" = {
|
|
|
- "aws_access_key_id" : aws_iam_access_key.moose-hf-v1.id
|
|
|
- "aws_secret_access_key" : aws_iam_access_key.moose-hf-v1.secret
|
|
|
+ "aws_access_key_id" : aws_iam_access_key.moose-hf-v2.id
|
|
|
+ "aws_secret_access_key" : aws_iam_access_key.moose-hf-v2.secret
|
|
|
},
|
|
|
"previous" = {
|
|
|
- "aws_access_key_id" : aws_iam_access_key.moose-hf-v0.id
|
|
|
- "aws_secret_access_key" : aws_iam_access_key.moose-hf-v0.secret
|
|
|
+ "aws_access_key_id" : aws_iam_access_key.moose-hf-v1.id
|
|
|
+ "aws_secret_access_key" : aws_iam_access_key.moose-hf-v1.secret
|
|
|
}
|
|
|
}
|
|
|
sensitive = true
|
Fred Damstra [afs macbook]