[services][terraform] Add Identity service
ClosedPublic
Actions

Authored by bartek on Jul 29 2023, 11:32 PM.

Details

Reviewers

varun
• jon

Commits

Summary

Terraform setup for Identity service. No big differences from other services in this stack.

Depends on D8667, D8583

Test Plan

It's already deployed to production

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

bartek held this revision as a draft.

bartek published this revision for review.Jul 29 2023, 11:57 PM

bartek added inline comments.

services/terraform/remote/service_identity.tf
40 ↗	(On Diff #29239)	Wrapping this as nonsensitive lets us see TF plan diffs of other fields of this JSON. Otherwise, the whole `container_definitions` value would be marked as sensitive and redacted in the plan view. As long as we do terraform actions locally, this isn't a security issue. The main goal of storing this value as secret is to hide it from being exposed publicly in the git repo.

varun added inline comments.

services/terraform/remote/service_identity.tf
40 ↗	(On Diff #29239)	do we need to add anything to the nix_services_deployment doc explaining how to provide this value?

This revision is now accepted and ready to land.Jul 31 2023, 11:58 AM

services/terraform/remote/service_identity.tf
40 ↗	(On Diff #29239)	Updating docs is on my agenda, but I've started with Notion docs and also want to demo the workflow during office hours to give some context.