feat: modules/iam-user - Output SMTP password generated with SigV4 algorithm (#70)

54101191 · Denys Havrysh · GitHub · 21544e11 · 54101191 · 54101191
Commit 54101191 authored Apr 23, 2020 by Denys Havrysh Committed by GitHub Apr 23, 2020
Show whitespace changes
Inline Side-by-side

Showing with 18 additions and 5 deletions

README.md modules/iam-user/README.md +4 -3

outputs.tf modules/iam-user/outputs.tf +13 -1

versions.tf modules/iam-user/versions.tf +1 -1

No files found.
--- a/modules/iam-user/README.md
+++ b/modules/iam-user/README.md
@@ -24,13 +24,13 @@ This module outputs commands and PGP messages which can be decrypted either usin
 | Name | Version |
 |------|---------|
 | terraform | ~> 0.12.6 |
-| aws | ~> 2.23 |
+| aws | ~> 2.50 |
 ## Providers
 | Name | Version |
 |------|---------|
-| aws | ~> 2.23 |
+| aws | ~> 2.50 |
 ## Inputs
@@ -64,7 +64,8 @@ This module outputs commands and PGP messages which can be decrypted either usin
 | this\_iam\_access\_key\_id | The access key ID |
 | this\_iam\_access\_key\_key\_fingerprint | The fingerprint of the PGP key used to encrypt the secret |
 | this\_iam\_access\_key\_secret | The access key secret |
-| this\_iam\_access\_key\_ses\_smtp\_password | The secret access key converted into an SES SMTP password |
+| this\_iam\_access\_key\_ses\_smtp\_password | DEPRECATED: The secret access key converted into an SES SMTP password by applying AWS's SigV2 conversion algorithm |
+| this\_iam\_access\_key\_ses\_smtp\_password\_v4 | The secret access key converted into an SES SMTP password by applying AWS's Sigv4 conversion algorithm |
 | this\_iam\_access\_key\_status | Active or Inactive. Keys are initially active, but can be made inactive by other means. |
 | this\_iam\_user\_arn | The ARN assigned by AWS for this user |
 | this\_iam\_user\_login\_profile\_encrypted\_password | The encrypted password, base64 encoded |

--- a/modules/iam-user/outputs.tf
+++ b/modules/iam-user/outputs.tf
@@ -57,7 +57,7 @@ output "this_iam_access_key_encrypted_secret" {
 }
 output "this_iam_access_key_ses_smtp_password" {
-  description = "The secret access key converted into an SES SMTP password"
+  description = "DEPRECATED: The secret access key converted into an SES SMTP password by applying AWS's SigV2 conversion algorithm"
  value = element(
    concat(
      aws_iam_access_key.this.*.ses_smtp_password,
@@ -68,6 +68,18 @@ output "this_iam_access_key_ses_smtp_password" {
  )
 }
+output "this_iam_access_key_ses_smtp_password_v4" {
+  description = "The secret access key converted into an SES SMTP password by applying AWS's Sigv4 conversion algorithm"
+  value = element(
+    concat(
+      aws_iam_access_key.this.*.ses_smtp_password_v4,
+      aws_iam_access_key.this_no_pgp.*.ses_smtp_password_v4,
+      [""],
+    ),
+    0,
+  )
+}
 output "this_iam_access_key_status" {
  description = "Active or Inactive. Keys are initially active, but can be made inactive by other means."
  value = element(

--- a/modules/iam-user/versions.tf
+++ b/modules/iam-user/versions.tf
@@ -2,6 +2,6 @@ terraform {
  required_version = "~> 0.12.6"
  required_providers {
-    aws = "~> 2.23"
+    aws = "~> 2.50"
  }
 }