cloud-key-rotator
cloud-key-rotator copied to clipboard
ovotech
A Golang program to rotate AWS & GCP account keys
Bumps [github.com/CircleCI-Public/circleci-cli](https://github.com/CircleCI-Public/circleci-cli) from 0.1.30163 to 0.1.30549. Release notes Sourced from github.com/CircleCI-Public/circleci-cli's releases. v0.1.30549 Changelog 735ecd3 Merge pull request #1053 from CircleCI-Public/develop 4279a96 Merge pull request #1054 from CircleCI-Public/dependabot/go_modules/google.golang.org/protobuf-1.33.0 1dfb480 chore(deps):...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
``` Error: Invalid count argument -- 801 | 802 | on .terraform/modules/infrastructure.cloud-key-rotator/main.tf line 81, in resource "aws_secretsmanager_secret_version" "ckr-config-string": 803 | 81: count = var.config_data != "" ? 1 : 0...
....in case users want to bail out of the key deletion.
Currently, if a user wants to rotate ALL their SA keys, they won't be able to without specifying each service account separately, as for safety, `cloud-key-rotator` doesn't rotate anything when...
To use the GCP terraform module, the following APIs need to be enabled: - cloudbuild.googleapis.com - cloudscheduler.googleapis.com - cloudfunctions.googleapis.com - appengine.googleapis.com it'd be great to have these enabled via the...
There's currently no testing of locations, it'd be great if we could mock them out (since they all involve calls to external APIs) and get some proper testing on them.
I think `go build` will need to be checked in the same way The goreleaser job in circleci is quite flakey, I'm sure there's various reasons, including go versions being...
This has burnt me a few times when adding new AWS users to config. From copy/pasting from the AWS UI there's a trailing space depending where you copy from
Still need to make sure that terraform knows the binary has changed on update: https://www.terraform.io/docs/providers/aws/r/lambda_function.html#source_code_hash perhaps? Can we find a way to set the latest binary version name as a...
...it would allow users to see the ages of their keys from command line. 🎉