guix/maintenance
2
0
Fork 0
mirror of git://git.savannah.gnu.org/guix/maintenance.git synced 2023-12-14 03:33:04 +01:00
Code Issues Releases Wiki Activity

cdn: Do not hard-code the profile name.

Browse source 
* cdn/terraform/main.tf (provider) <profile>: Remove it.
This commit is contained in:
Chris Marusich 2018-12-27 14:55:28 -08:00
parent 7680ddf06c
commit 1204bc3d45
No known key found for this signature in database
GPG key ID: DD409A15D822469D
1 changed files with 30 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
cdn/terraform/main.tf
View file

@ -1,26 +1,41 @@
# See: https://www.terraform.io/docs/providers/aws
# Provider documentation: https://www.terraform.io/docs/providers/aws
#
# Some AWS credentials documentation:
# https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
#
# You must set up an AWS Credentials file to use the AWS provider.
# For example, you might put the following in ~/.aws/credentials:
#
# [guix]
# aws_access_key_id=ACCESS_KEY_ID
# aws_secret_access_key=SECRET_ACCESS_KEY
#
# Then you can invoke "terraform" like this to use the credentials:
#
# AWS_PROFILE=guix AWS_DEFAULT_REGION=us-west-2 terraform apply
#
# The first environment variable tells the AWS provider to look for a
# "profile" named "guix". You can use any profile name you want, but
# it needs to match the profile name in the AWS credentials file.
#
# The second environment variable tells the AWS provider what region
# to use. For global services like IAM or CloudFront, you can use any
# region, but you might get better performance when using a region
# that is geographically close to you. If we ever use any services
# that are not global (e.g., EC2), then the region will specify where
# those resources (e.g., EC2 instances) will exist.
provider "aws" {
# You must set up an AWS Credentials file a profile of the same name
# (i.e., "guix"). For example, put this in your ~/.aws/credentials:
#
# [guix]
# aws_access_key_id=ACCESS_KEY_ID
# aws_secret_access_key=SECRET_ACCESS_KEY
#
# See: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
# That documentation AWS CLI documentation, but the same ideas apply
# generally to other AWS SDKs and tools.
profile = "guix"
}
provider "aws" {}
# A friendly name for our account - this is displayed in various
# A friendly name for our account. This is displayed in various
# places, such as the AWS Management Console.
resource "aws_iam_account_alias" "alias" {
account_alias = "guix"
}
# Encourage good password hygiene.
resource "aws_iam_account_password_policy" "strict" {
minimum_password_length = 20
require_lowercase_characters = true