Updating Terraform Azure Service Principal PRIME-ReportStream-Terrafo…

…rm (#17033) * Updating Terraform Azure Service Principal PRIME-ReportStream-Terraform * Correcting issues caused by previous updates --------- Co-authored-by: matts <[email protected]>
CDCgov · Jan 13, 2025 · fbede22 · fbede22
1 parent 417443f
commit fbede22
Show file tree

Hide file tree

Showing 6 changed files with 11 additions and 11 deletions.
diff --git a/operations/app/terraform/modules/init/key_vault.tf b/operations/app/terraform/modules/init/key_vault.tf
@@ -107,7 +107,7 @@ resource "azurerm_key_vault_access_policy" "init_tf" {
   key_vault_id = azurerm_key_vault.init[each.value].id
   tenant_id    = data.azurerm_client_config.current.tenant_id
   // terraform-automation 5ab367bf-df15-45af-a027-47f95f2c75d8
-  object_id = "4d81288c-27a3-4df8-b776-c9da8e688bc7"
+  object_id = "a58ee002-62c7-4a91-a2dc-4a837663aa00"
 
   key_permissions = [
     "Create",

diff --git a/operations/app/terraform/vars/demo/locals.tf b/operations/app/terraform/vars/demo/locals.tf
@@ -26,7 +26,7 @@ locals {
     tf_secrets_vault      = "pdh${local.init.environment}-keyvault${local.init.random_id}"
   }
   ad = {
-    terraform_object_id       = "4d81288c-27a3-4df8-b776-c9da8e688bc7"
+    terraform_object_id       = "a58ee002-62c7-4a91-a2dc-4a837663aa00"
     aad_object_keyvault_admin = "3c17896c-ff94-4298-a719-aaac248aa2c8"
     aad_group_postgres_admin  = "f94409a9-12b1-4820-a1b6-e3e0a4fa282d"
   }

diff --git a/operations/app/terraform/vars/prod/locals.tf b/operations/app/terraform/vars/prod/locals.tf
@@ -25,7 +25,7 @@ locals {
     tf_secrets_vault      = "pdh${local.init.environment}-keyvault"
   }
   ad = {
-    terraform_object_id       = "4d81288c-27a3-4df8-b776-c9da8e688bc7"
+    terraform_object_id       = "a58ee002-62c7-4a91-a2dc-4a837663aa00"
     aad_object_keyvault_admin = "5c6a951e-a4c2-4890-b62c-0ed8179501bb"
     aad_group_postgres_admin  = "c4031f1f-229c-4a8a-b3b9-23bae9dbf197"
   }

diff --git a/operations/app/terraform/vars/staging/locals.tf b/operations/app/terraform/vars/staging/locals.tf
@@ -25,7 +25,7 @@ locals {
     tf_secrets_vault      = "pdh${local.init.environment}-keyvault"
   }
   ad = {
-    terraform_object_id       = "4d81288c-27a3-4df8-b776-c9da8e688bc7"
+    terraform_object_id       = "a58ee002-62c7-4a91-a2dc-4a837663aa00"
     aad_object_keyvault_admin = "b35a2a63-aeb2-438c-913b-bebeb821adfe"
     aad_group_postgres_admin  = "c4031f1f-229c-4a8a-b3b9-23bae9dbf197"
   }

diff --git a/operations/app/terraform/vars/test/locals.tf b/operations/app/terraform/vars/test/locals.tf
@@ -25,7 +25,7 @@ locals {
     tf_secrets_vault      = "pdh${local.init.environment}-keyvault"
   }
   ad = {
-    terraform_object_id       = "4d81288c-27a3-4df8-b776-c9da8e688bc7"
+    terraform_object_id       = "a58ee002-62c7-4a91-a2dc-4a837663aa00"
     aad_object_keyvault_admin = "3c17896c-ff94-4298-a719-aaac248aa2c8"
     aad_group_postgres_admin  = "f94409a9-12b1-4820-a1b6-e3e0a4fa282d"
   }

diff --git a/prime-router/docs/docs-deprecated/environment-provisioning.md b/prime-router/docs/docs-deprecated/environment-provisioning.md
@@ -6,7 +6,7 @@ Any adjustments to the infrastructure provisining process should be noted here s
 2. [Trial Frontend Environments](#trial-frontend-environments)
 
 ## Azure Prerequisites
-We assume the following infrastructure has already been deployed by CMS. 
+We assume the following infrastructure has already been deployed by CMS.
  - Resource Group for underlying infrastructure
  - Storage Account - Used to store the terraform tf state.
  - You will need to authenticate the az command line application using your SU account:
@@ -42,14 +42,14 @@ Push (or merge) code into any of the following branches:
 > 1. Navigate to `demo` Terraform directory using one of the following methods:
 >    * `terraform -chdir=operations/app/terraform/vars/demo`
 >    * `operations/app/terraform/vars/demo terraform`
-> 
+>
 > 2. Specify `-var-file` and `-backend-config` from the desired demo directory (demo1, demo2, or demo3)
 >    * `-var-file=demo1/env.tfvars.json`
 >    * `-backend-config=demo1/env.tfbackend`
-> 
+>
 > 3. Target the `init` Terraform module to `apply` base resources (vnets, key vaults, etc.)
 >    * `-target=module.init`
-> 
+>
 > 4. After base resources are created, run `apply` without a target
 
 ### Specify environment & Terraform path
@@ -84,11 +84,11 @@ echo "init complete"
 # Import access polices that are shared with init and key_vault modules
 terraform -chdir=$path import -var-file=$env/env.tfvars.json \
 module.key_vault.azurerm_key_vault_access_policy.terraform_app_config_access_policy[0] \
-"/subscriptions/7d1e3999-6577-4cd5-b296-f518e5c8e677/resourceGroups/prime-data-hub-$env/providers/Microsoft.KeyVault/vaults/pdh$env-appconfigmt8/objectId/4d81288c-27a3-4df8-b776-c9da8e688bc7"
+"/subscriptions/7d1e3999-6577-4cd5-b296-f518e5c8e677/resourceGroups/prime-data-hub-$env/providers/Microsoft.KeyVault/vaults/pdh$env-appconfigmt8/objectId/a58ee002-62c7-4a91-a2dc-4a837663aa00"
 
 terraform -chdir=$path import -var-file=$env/env.tfvars.json \
  module.key_vault.azurerm_key_vault_access_policy.terraform_access_policy[0] \
-"/subscriptions/7d1e3999-6577-4cd5-b296-f518e5c8e677/resourceGroups/prime-data-hub-$env/providers/Microsoft.KeyVault/vaults/pdh$env-keyvaultmt8/objectId/4d81288c-27a3-4df8-b776-c9da8e688bc7"
+"/subscriptions/7d1e3999-6577-4cd5-b296-f518e5c8e677/resourceGroups/prime-data-hub-$env/providers/Microsoft.KeyVault/vaults/pdh$env-keyvaultmt8/objectId/a58ee002-62c7-4a91-a2dc-4a837663aa00"
 
 for i in {1..3}; do \
 terraform -chdir=$path apply \