diff --git a/terraform/000-core/vars.tf b/terraform/000-core/vars.tf index 8cd6448..63caf25 100644 --- a/terraform/000-core/vars.tf +++ b/terraform/000-core/vars.tf @@ -12,11 +12,13 @@ variable "cert_domain" { variable "create_acm_cert" { description = "Set to true if an ACM certificate is needed" + type = bool default = false } variable "create_cd_user" { description = "Set to false if an IAM user for continuous deployment is not needed" + type = bool default = true } @@ -36,4 +38,3 @@ variable "appconfig_app_name" { type = string default = "" } - diff --git a/terraform/010-cluster/vars.tf b/terraform/010-cluster/vars.tf index 0c0f34c..40c1da4 100644 --- a/terraform/010-cluster/vars.tf +++ b/terraform/010-cluster/vars.tf @@ -100,6 +100,6 @@ variable "vpc_cidr_block" { variable "log_retention_in_days" { description = "Number of days to retain CloudWatch application logs" - default = 30 type = number + default = 30 } diff --git a/terraform/022-ecr/README.md b/terraform/022-ecr/README.md index 8d2a357..2ecebf3 100644 --- a/terraform/022-ecr/README.md +++ b/terraform/022-ecr/README.md @@ -26,7 +26,6 @@ This module is used to create ECR image repositories for ECS services module "ecr" { source = "github.com/silinternational/idp-in-a-box//terraform/022-ecr" idp_name = var.idp_name - app_env = var.app_env ecsInstanceRole_arn = data.terraform_remote_state.core.ecsInstanceRole_arn ecsServiceRole_arn = data.terraform_remote_state.core.ecsServiceRole_arn cd_user_arn = data.terraform_remote_state.core.cduser_arn diff --git a/terraform/022-ecr/vars.tf b/terraform/022-ecr/vars.tf index a416334..b465aad 100644 --- a/terraform/022-ecr/vars.tf +++ b/terraform/022-ecr/vars.tf @@ -1,7 +1,3 @@ -variable "app_env" { - type = string -} - variable "idp_name" { type = string } @@ -17,4 +13,3 @@ variable "ecsServiceRole_arn" { variable "cd_user_arn" { type = string } - diff --git a/terraform/030-phpmyadmin/main.tf b/terraform/030-phpmyadmin/main.tf index e7f5ea6..953b2b8 100644 --- a/terraform/030-phpmyadmin/main.tf +++ b/terraform/030-phpmyadmin/main.tf @@ -13,4 +13,6 @@ module "phpmyadmin" { alb_dns_name = var.alb_dns_name enable = var.enable upload_limit = var.upload_limit + cpu = var.cpu + memory = var.memory } diff --git a/terraform/030-phpmyadmin/vars.tf b/terraform/030-phpmyadmin/vars.tf index c08a123..7c2ab29 100644 --- a/terraform/030-phpmyadmin/vars.tf +++ b/terraform/030-phpmyadmin/vars.tf @@ -52,10 +52,12 @@ variable "alb_dns_name" { } variable "cpu" { + type = string default = "32" } variable "memory" { + type = string default = "128" } diff --git a/terraform/031-email-service/README.md b/terraform/031-email-service/README.md index 77da880..358c65b 100644 --- a/terraform/031-email-service/README.md +++ b/terraform/031-email-service/README.md @@ -27,10 +27,8 @@ This module is used to create an ECS service running email-service. - `mysql_pass` - MySQL password for email-service - `mysql_user` - MySQL username for email-service - `notification_email` - Email address to send alerts/notifications to - - `ssl_policy` - SSL policy - `subdomain` - Subdomain for email-service - `vpc_id` - ID for VPC - - `wildcard_cert_arn` - ARN to ACM wildcard certificate ## Optional Inputs @@ -89,9 +87,7 @@ module "email" { mysql_pass = data.terraform_remote_state.database.db_emailservice_pass mysql_user = var.mysql_user notification_email = var.notification_email - ssl_policy = var.ssl_policy subdomain = var.email_subdomain vpc_id = data.terraform_remote_state.cluster.vpc_id - wildcard_cert_arn = data.terraform_remote_state.cluster.wildcard_cert_arn } ``` diff --git a/terraform/031-email-service/vars.tf b/terraform/031-email-service/vars.tf index 0616dfd..47c60b4 100644 --- a/terraform/031-email-service/vars.tf +++ b/terraform/031-email-service/vars.tf @@ -7,12 +7,6 @@ variable "app_name" { default = "email-service" } -variable "aws_region" { - description = "WARNING: This is not used. The region is more reliably determined from the aws_region data source." - type = string - default = "" -} - variable "cloudflare_domain" { type = string } @@ -22,10 +16,12 @@ variable "cloudwatch_log_group_name" { } variable "cpu_api" { + type = string default = "32" } variable "cpu_cron" { + type = string default = "100" } @@ -117,10 +113,12 @@ variable "mailer_username" { } variable "memory_api" { + type = string default = "96" } variable "memory_cron" { + type = string default = "32" } @@ -140,10 +138,6 @@ variable "notification_email" { type = string } -variable "ssl_policy" { - type = string -} - variable "subdomain" { description = "The subdomain for email-service, without an embedded region in it (e.g. 'email', NOT 'email-us-east-1')" type = string @@ -153,11 +147,8 @@ variable "vpc_id" { type = string } -variable "wildcard_cert_arn" { - type = string -} - variable "enable_cron" { + type = bool default = true } diff --git a/terraform/032-db-backup/README.md b/terraform/032-db-backup/README.md index a7fe972..b69aab0 100644 --- a/terraform/032-db-backup/README.md +++ b/terraform/032-db-backup/README.md @@ -13,12 +13,10 @@ This module is used to run mysqldump and backup files to S3 - `cloudwatch_log_group_name` - CloudWatch log group name - `docker_image` - The docker image to use for this - `ecs_cluster_id` - ID for ECS Cluster - - `ecsServiceRole_arn` - ARN for ECS Service Role - `idp_name` - Short name of IdP for use in logs and email alerts - `mysql_host` - Address for RDS instance - `mysql_pass` - MySQL password - `mysql_user` - MySQL username - - `vpc_id` - ID for VPC ## Optional Inputs @@ -56,13 +54,11 @@ module "dbbackup" { db_names = var.db_names docker_image = data.terraform_remote_state.ecr.ecr_repo_dbbackup ecs_cluster_id = data.terraform_remote_state.core.ecs_cluster_id - ecsServiceRole_arn = data.terraform_remote_state.core.ecsServiceRole_arn idp_name = var.idp_name memory = var.memory mysql_host = data.terraform_remote_state.database.rds_address mysql_pass = data.terraform_remote_state.database.mysql_pass mysql_user = data.terraform_remote_state.database.mysql_user service_mode = var.service_mode - vpc_id = data.terraform_remote_state.cluster.vpc_id } ``` diff --git a/terraform/032-db-backup/main.tf b/terraform/032-db-backup/main.tf index 63fb37b..3e8456c 100644 --- a/terraform/032-db-backup/main.tf +++ b/terraform/032-db-backup/main.tf @@ -1,6 +1,5 @@ locals { - aws_account = data.aws_caller_identity.this.account_id - aws_region = data.aws_region.current.name + aws_region = data.aws_region.current.name } @@ -8,8 +7,6 @@ locals { * AWS data */ -data "aws_caller_identity" "this" {} - data "aws_region" "current" {} diff --git a/terraform/032-db-backup/vars.tf b/terraform/032-db-backup/vars.tf index a14cf63..aed7361 100644 --- a/terraform/032-db-backup/vars.tf +++ b/terraform/032-db-backup/vars.tf @@ -7,12 +7,6 @@ variable "app_name" { default = "db-backup" } -variable "aws_region" { - description = "This is not used. The region is more reliably determined from the aws_region data source." - type = string - default = "" -} - variable "backup_user_name" { type = string default = null @@ -52,10 +46,6 @@ variable "ecs_cluster_id" { type = string } -variable "ecsServiceRole_arn" { - type = string -} - variable "event_schedule" { description = "Schedule for backup task execution. Default: `cron(0 2 * * ? *)" type = string @@ -88,10 +78,6 @@ variable "service_mode" { default = "backup" } -variable "vpc_id" { - type = string -} - variable "enable_aws_backup" { description = "enable backup using AWS Backup service" type = bool diff --git a/terraform/040-id-broker/README.md b/terraform/040-id-broker/README.md index cbf6bb2..2b2ffeb 100644 --- a/terraform/040-id-broker/README.md +++ b/terraform/040-id-broker/README.md @@ -39,12 +39,10 @@ This module is used to create an ECS service running id-broker. - `mysql_pass` - MySQL password for id-broker - `mysql_user` - MySQL username for id-broker - `password_profile_url` - URL to password manager profile - - `ssl_policy` - SSL policy - `subdomain` - Subdomain to use for this (id-broker) ECS service - `support_email` - Email address for support - `support_name` - Name for support. Default: `support` - `vpc_id` - ID for VPC - - `wildcard_cert_arn` - ARN to ACM wildcard certificate ## Optional Inputs @@ -232,7 +230,6 @@ module "broker" { send_password_expiring_emails = var.send_password_expiring_emails send_refresh_backup_codes_emails = var.send_refresh_backup_codes_emails send_welcome_emails = var.send_welcome_emails - ssl_policy = var.ssl_policy subdomain = var.broker_subdomain subject_for_get_backup_codes = var.subject_for_get_backup_codes subject_for_invite = var.subject_for_invite @@ -255,6 +252,5 @@ module "broker" { support_email = var.support_email support_name = var.support_name vpc_id = data.terraform_remote_state.cluster.vpc_id - wildcard_cert_arn = data.terraform_remote_state.cluster.wildcard_cert_arn } ``` diff --git a/terraform/040-id-broker/main.tf b/terraform/040-id-broker/main.tf index 0d537ba..db12899 100644 --- a/terraform/040-id-broker/main.tf +++ b/terraform/040-id-broker/main.tf @@ -230,7 +230,7 @@ module "cron_task" { environment = [ { "name" : "RUN_TASK", - "value" : "${var.run_task}" + "value" : var.run_task } ] } diff --git a/terraform/040-id-broker/vars.tf b/terraform/040-id-broker/vars.tf index 58f24a5..b15ba6c 100644 --- a/terraform/040-id-broker/vars.tf +++ b/terraform/040-id-broker/vars.tf @@ -24,12 +24,6 @@ variable "app_name" { description = "Used in ECS service names and logs, best to leave as default." } -variable "aws_region" { - description = "This is not used. The region is more reliably determined from the aws_region data source." - type = string - default = "" -} - variable "cloudflare_domain" { type = string } @@ -83,15 +77,18 @@ variable "email_repeat_delay_days" { variable "email_service_accessToken" { description = "Access Token for Email Service API" + type = string } variable "email_service_assertValidIp" { description = "Whether or not to assert IP address for Email Service API is trusted" + type = string default = "true" } variable "email_service_baseUrl" { description = "Base URL to Email Service API" + type = string } variable "email_service_validIpRanges" { @@ -128,8 +125,8 @@ variable "ga_measurement_id" { } variable "google_config" { - type = map(string) description = "A map of Google properties for Sheets export" + type = map(string) default = { enableSheetsExport = false } } @@ -174,6 +171,7 @@ variable "idp_display_name" { variable "idp_name" { description = "Short name of IdP for logs, something like 'acme'" + type = string } variable "inactive_user_period" { @@ -460,10 +458,6 @@ variable "sentry_dsn" { default = "" } -variable "ssl_policy" { - type = string -} - variable "subdomain" { description = "The subdomain for id-broker, without an embedded region in it (e.g. 'broker', NOT 'broker-us-east-1')" type = string @@ -577,10 +571,6 @@ variable "vpc_id" { type = string } -variable "wildcard_cert_arn" { - type = string -} - variable "app_id" { description = "DEPRECATED AppConfig application ID created by AWS. This cannot be the application name." type = string diff --git a/terraform/041-id-broker-search-lambda/vars.tf b/terraform/041-id-broker-search-lambda/vars.tf index 7cf8bff..6bede70 100644 --- a/terraform/041-id-broker-search-lambda/vars.tf +++ b/terraform/041-id-broker-search-lambda/vars.tf @@ -3,6 +3,7 @@ variable "app_env" { } variable "app_name" { + type = string default = "idp-id-broker-search" } @@ -19,10 +20,12 @@ variable "function_bucket_name" { } variable "function_zip_name" { + type = string default = "idp-id-broker-search.zip" } variable "function_name" { + type = string default = "idp-id-broker-search" } @@ -37,11 +40,13 @@ variable "lambda_runtime" { } variable "memory_size" { + type = string default = "128" } variable "remote_role_arn" { description = "ARN to role from different AWS account to be given permission to invoke function" + type = string } variable "security_group_ids" { @@ -53,6 +58,6 @@ variable "subnet_ids" { } variable "timeout" { + type = string default = "5" } - diff --git a/terraform/050-pw-manager/README.md b/terraform/050-pw-manager/README.md index d90ebfc..7c0718e 100644 --- a/terraform/050-pw-manager/README.md +++ b/terraform/050-pw-manager/README.md @@ -53,7 +53,6 @@ The password manager UI can be deployed using the [silinternatonal/pages/cloudfl - `support_name` - Name for end user support - `ui_subdomain` - Subdomain for PW UI - `vpc_id` - ID for VPC - - `wildcard_cert_arn` - ARN to ACM wildcard cert ## Optional Inputs @@ -96,7 +95,6 @@ module "pwmanager" { auth_saml_spCertificate = var.auth_saml_spCertificate auth_saml_spPrivateKey = var.auth_saml_spPrivateKey auth_saml_ssoUrl = var.auth_saml_ssoUrl - cd_user_username = data.terraform_remote_state.core.cduser_username cloudflare_domain = var.cloudflare_domain cloudwatch_log_group_name = var.cloudwatch_log_group_name code_length = var.code_length @@ -137,6 +135,5 @@ module "pwmanager" { support_url = var.support_url ui_subdomain = var.ui_subdomain vpc_id = data.terraform_remote_state.cluster.vpc_id - wildcard_cert_arn = data.terraform_remote_state.cluster.cloudfront_distribution_cert_arn } ``` diff --git a/terraform/050-pw-manager/vars.tf b/terraform/050-pw-manager/vars.tf index d88fd40..7d87875 100644 --- a/terraform/050-pw-manager/vars.tf +++ b/terraform/050-pw-manager/vars.tf @@ -33,6 +33,7 @@ variable "app_name" { } variable "auth_saml_checkResponseSigning" { + type = string default = "true" } @@ -47,6 +48,7 @@ variable "auth_saml_idpCertificate" { } variable "auth_saml_requireEncryptedAssertion" { + type = string default = "true" } @@ -76,16 +78,6 @@ variable "auth_saml_ssoUrl" { type = string } -variable "aws_region" { - description = "This is not used. The region is more reliably determined from the aws_region data source." - type = string - default = "" -} - -variable "cd_user_username" { - type = string -} - variable "cloudflare_domain" { type = string } @@ -129,15 +121,18 @@ variable "ecsServiceRole_arn" { variable "email_service_accessToken" { description = "Access Token for Email Service API" + type = string } variable "email_service_assertValidIp" { description = "Whether or not to assert IP address for Email Service API is trusted" + type = string default = "true" } variable "email_service_baseUrl" { description = "Base URL to Email Service API" + type = string } variable "email_service_validIpRanges" { @@ -166,6 +161,7 @@ variable "id_broker_access_token" { variable "id_broker_assertValidBrokerIp" { description = "Whether or not to assert IP address for ID Broker API is trusted" + type = string default = "true" } @@ -190,6 +186,7 @@ variable "idp_name" { variable "memory" { description = "Amount of memory to allocate to container, recommend '128' for production" + type = string default = "100" } @@ -276,10 +273,6 @@ variable "vpc_id" { type = string } -variable "wildcard_cert_arn" { - type = string -} - variable "create_dns_record" { description = "Controls creation of a DNS CNAME record for the ECS service." type = bool diff --git a/terraform/060-simplesamlphp/README.md b/terraform/060-simplesamlphp/README.md index e34b94a..1148d9a 100644 --- a/terraform/060-simplesamlphp/README.md +++ b/terraform/060-simplesamlphp/README.md @@ -51,7 +51,6 @@ This module is used to create an ECS service running simpleSAMLphp. A 64-character random string will be created automatically if not provided. - `show_saml_errors` - Whether or not to show saml errors. Default: `false` - `theme_color_scheme` - The color scheme to use for SSP. Default: `'indigo-purple'` - - `trust_cloudflare_ips` - If set to `"ipv4"` Cloudflare IPV4 addresses will be included in `trusted_ip_addresses` ## Outputs @@ -110,6 +109,5 @@ module "ssp" { help_center_url = data.terraform_remote_state.broker.help_center_url enable_debug = var.enable_debug logging_level = var.logging_level - trust_cloudflare_ips = "ipv4" } ``` diff --git a/terraform/060-simplesamlphp/main.tf b/terraform/060-simplesamlphp/main.tf index 3c4162f..8e90324 100644 --- a/terraform/060-simplesamlphp/main.tf +++ b/terraform/060-simplesamlphp/main.tf @@ -61,8 +61,6 @@ module "cf_ips" { locals { subdomain_with_region = "${var.subdomain}-${local.aws_region}" - other_ip_addresses = var.trust_cloudflare_ips == "ipv4" ? module.cf_ips.ipv4_cidrs : [] - trusted_ip_addresses = concat(module.cf_ips.ipv4_cidrs, var.trusted_ip_addresses) secret_salt = var.secret_salt == "" ? random_id.secretsalt.hex : var.secret_salt diff --git a/terraform/060-simplesamlphp/vars.tf b/terraform/060-simplesamlphp/vars.tf index a180436..923d2d9 100644 --- a/terraform/060-simplesamlphp/vars.tf +++ b/terraform/060-simplesamlphp/vars.tf @@ -1,13 +1,16 @@ variable "secret_salt" { - default = "" description = "This allows for porting the value over from a primary to a secondary workspace (a random string that is 64 characters long)." + type = string + default = "" } variable "memory" { + type = string default = "96" } variable "cpu" { + type = string default = "150" } @@ -28,12 +31,6 @@ variable "alb_https_listener_arn" { type = string } -variable "aws_region" { - description = "This is not used. The region is more reliably determined from the aws_region data source." - type = string - default = "" -} - variable "subdomain" { type = string } @@ -162,6 +159,7 @@ variable "trusted_ip_addresses" { } variable "desired_count" { + type = string default = "1" } @@ -174,13 +172,11 @@ variable "help_center_url" { } variable "admin_email" { + type = string } variable "admin_name" { -} - -variable "trust_cloudflare_ips" { - default = "" + type = string } variable "create_dns_record" { diff --git a/terraform/070-id-sync/README.md b/terraform/070-id-sync/README.md index d68df4a..5810bb9 100644 --- a/terraform/070-id-sync/README.md +++ b/terraform/070-id-sync/README.md @@ -11,7 +11,6 @@ store. - `app_name` - Application name - `app_env` - Application environment - `cloudwatch_log_group_name` - CloudWatch log group name - - `vpc_id` - ID for VPC - `docker_image` - URL to Docker image - `email_service_accessToken` - Access token for Email Service API - `email_service_baseUrl` - Base URL (e.g. 'https://email.example.com') to Email Service API @@ -53,7 +52,6 @@ module "idsync" { cpu = var.cpu app_name = var.app_name app_env = var.app_env - vpc_id = data.terraform_remote_state.cluster.vpc_id alb_https_listener_arn = data.terraform_remote_state.cluster.alb_https_listener_arn cloudwatch_log_group_name = var.cloudwatch_log_group_name docker_image = data.terraform_remote_state.ecr.ecr_repo_idsync diff --git a/terraform/070-id-sync/vars.tf b/terraform/070-id-sync/vars.tf index 012d8e8..a59f2ed 100644 --- a/terraform/070-id-sync/vars.tf +++ b/terraform/070-id-sync/vars.tf @@ -1,8 +1,10 @@ variable "memory" { + type = string default = "200" } variable "cpu" { + type = string default = "200" } @@ -15,16 +17,6 @@ variable "app_env" { type = string } -variable "vpc_id" { - type = string -} - -variable "aws_region" { - description = "This is not used. The region is more reliably determined from the aws_region data source." - type = string - default = "" -} - variable "cloudwatch_log_group_name" { type = string } @@ -35,15 +27,18 @@ variable "docker_image" { variable "email_service_accessToken" { description = "Access Token for Email Service API" + type = string } variable "email_service_assertValidIp" { description = "Whether or not to assert IP address for Email Service API is trusted" + type = string default = "true" } variable "email_service_baseUrl" { description = "Base URL to Email Service API" + type = string } variable "email_service_validIpRanges" { @@ -62,6 +57,7 @@ variable "id_broker_adapter" { variable "id_broker_assertValidIp" { description = "Whether or not to assert IP address for ID Broker API is trusted" + type = string default = "true" } @@ -109,14 +105,17 @@ variable "alerts_email" { } variable "sync_safety_cutoff" { + type = string default = "0.15" } variable "allow_empty_email" { + type = string default = "false" } variable "enable_new_user_notification" { + type = string default = "false" } diff --git a/terraform/ecs-role/versions.tf b/terraform/ecs-role/versions.tf new file mode 100644 index 0000000..f6615c5 --- /dev/null +++ b/terraform/ecs-role/versions.tf @@ -0,0 +1,10 @@ + +terraform { + required_version = ">= 0.14" + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 4.0.0, < 6.0.0" + } + } +} diff --git a/test/022-ecr.tf b/test/022-ecr.tf index 66a1a48..3eb9613 100644 --- a/test/022-ecr.tf +++ b/test/022-ecr.tf @@ -1,7 +1,6 @@ module "ecr" { source = "../terraform/022-ecr" - app_env = "" cd_user_arn = "" ecsInstanceRole_arn = "" ecsServiceRole_arn = "" diff --git a/test/030-phpmyadmin.tf b/test/030-phpmyadmin.tf index beb3e65..52b435a 100644 --- a/test/030-phpmyadmin.tf +++ b/test/030-phpmyadmin.tf @@ -6,14 +6,14 @@ module "pma" { alb_https_listener_arn = "" app_env = "" cloudflare_domain = "" - cpu = "" ecsServiceRole_arn = "" ecs_cluster_id = "" enable = true idp_name = "" - memory = "" rds_address = "" subdomain = "" upload_limit = "" vpc_id = "" + cpu = 0 + memory = 0 } diff --git a/test/031-email-service.tf b/test/031-email-service.tf index 7756232..7906891 100644 --- a/test/031-email-service.tf +++ b/test/031-email-service.tf @@ -15,7 +15,7 @@ module "email" { email_brand_color = "" email_brand_logo = "" email_queue_batch_size = "" - enable_cron = "" + enable_cron = false from_email = "" idp_name = "" internal_alb_dns_name = "" @@ -30,8 +30,6 @@ module "email" { mysql_pass = "" mysql_user = "" notification_email = "" - ssl_policy = "" subdomain = "" vpc_id = "" - wildcard_cert_arn = "" } diff --git a/test/032-db-backup.tf b/test/032-db-backup.tf index 44b1f82..dcefe12 100644 --- a/test/032-db-backup.tf +++ b/test/032-db-backup.tf @@ -9,7 +9,6 @@ module "backup" { event_schedule = "" db_names = [""] docker_image = "" - ecsServiceRole_arn = "" ecs_cluster_id = "" idp_name = "" memory = "" @@ -17,7 +16,6 @@ module "backup" { mysql_pass = "" mysql_user = "" service_mode = "" - vpc_id = "" enable_aws_backup = true aws_backup_schedule = "" aws_backup_notification_events = [""] diff --git a/test/040-id-broker.tf b/test/040-id-broker.tf index 2541ee0..9a24b10 100644 --- a/test/040-id-broker.tf +++ b/test/040-id-broker.tf @@ -94,7 +94,6 @@ module "broker" { send_password_expiring_emails = "" send_refresh_backup_codes_emails = "" send_welcome_emails = "" - ssl_policy = "" subdomain = "" subject_for_abandoned_users = "" subject_for_get_backup_codes = "" @@ -118,5 +117,4 @@ module "broker" { support_email = "" support_name = "" vpc_id = "" - wildcard_cert_arn = "" } diff --git a/test/050-pw-manager.tf b/test/050-pw-manager.tf index 4ca94a4..91c09af 100644 --- a/test/050-pw-manager.tf +++ b/test/050-pw-manager.tf @@ -16,7 +16,6 @@ module "pw" { auth_saml_spCertificate = "" auth_saml_spPrivateKey = "" auth_saml_ssoUrl = "" - cd_user_username = "" cloudflare_domain = "" cloudwatch_log_group_name = "" code_length = "" @@ -57,5 +56,4 @@ module "pw" { support_url = "" ui_subdomain = "" vpc_id = "" - wildcard_cert_arn = "" } diff --git a/test/060-simplesamlphp.tf b/test/060-simplesamlphp.tf index 650ee97..a6d9144 100644 --- a/test/060-simplesamlphp.tf +++ b/test/060-simplesamlphp.tf @@ -42,7 +42,6 @@ module "ssp" { show_saml_errors = "" subdomain = "" theme_color_scheme = "" - trust_cloudflare_ips = "" trusted_ip_addresses = [""] vpc_id = "" } diff --git a/test/070-id-sync.tf b/test/070-id-sync.tf index 83cbac4..e06656f 100644 --- a/test/070-id-sync.tf +++ b/test/070-id-sync.tf @@ -28,5 +28,4 @@ module "sync" { memory = "" notifier_email_to = "" sync_safety_cutoff = "" - vpc_id = "" }