Jeremy Cooper [AFS MBP]
67c98b7677
Updates IMDS & ECR encryption syntax | tfsec/chekov ignores |
|
před 3 roky | |
|---|---|---|
| .. | ||
| README.md | před 3 roky | |
| accounts.tf | před 3 roky | |
| constants.tf | před 3 roky | |
| ghe-key.tf | před 3 roky | |
| globals.tf | před 3 roky | |
| lifecycle-policy.json | před 4 roky | |
| main.tf | před 3 roky | |
| vars.tf | před 3 roky | |
README.md
How to Use this Module
Customer Portal was different enough that it needed its own module.
This module is where the CodeBuild projects are created. It uses the Terraform GitHub Provider and requires a Personal Access Token. This should be your Personal Access Token not mdr-aws-codebuild's token. The provider will look in the environmental variables for the token.
export GITHUB_TOKEN=<gihub_token>
This module should NOT create the github repo. That is a manual process. I am not comfortable with terraform adding/removing github repos. The github repo should have the same name as the name variable in the terrafgrunt.hcl file.
Github Service Account ( mdr-aws-codebuild )
AWS CodeBuild needs a Github Personal Access Token to pull code after the code in a repository has been updated. This is the mdr-aws-codebuild account. The secret github token
is stored in the C2 account and automatically added.
Despite the Web Interface, there can be only one GHE token per account and region.
The mdr-aws-codebuild user must have read access to the repositories you wish to build from.