Merge pull request #1103 from NHSDigital/feature/made14-NRL-1832-rm-nhsidentities-perms

NRL-1832 Remove resources and references to NHSD Identities accounts

Author: mattdean3-nhs

terraform/account-wide-infrastructure/dev/data.tf

@@ -2,10 +2,6 @@ data "aws_region" "current" {}
 
 data "aws_caller_identity" "current" {}
 
-data "aws_secretsmanager_secret_version" "identities_account_id" {
-  secret_id = aws_secretsmanager_secret.identities_account_id.name
-}
-
 data "aws_secretsmanager_secret_version" "backup_destination_parameters" {
   secret_id = aws_secretsmanager_secret.backup_destination_parameters.name
 }

terraform/account-wide-infrastructure/dev/iam__developer-role.tf

@@ -1,7 +1,3 @@
-resource "aws_secretsmanager_secret" "identities_account_id" {
-  name = "${local.prefix}--nhs-identities-account-id"
-}
-
 resource "aws_secretsmanager_secret" "backup_destination_parameters" {
   name        = "${local.prefix}--backup-destination-parameters"
   description = "Parameters used to configure the backup destination"

terraform/account-wide-infrastructure/dev/secrets.tf

@@ -18,10 +18,6 @@ data "aws_s3_bucket" "truststore" {
   bucket = "${local.project}--truststore"
 }
 
-data "aws_secretsmanager_secret_version" "identities_account_id" {
-  secret_id = aws_secretsmanager_secret.identities_account_id.name
-}
-
 data "aws_secretsmanager_secret" "prod_account_id" {
   name = "${local.project}--mgmt--prod-account-id"
 }

terraform/account-wide-infrastructure/mgmt/data.tf

@@ -1,19 +1,3 @@
-resource "aws_iam_role" "developer_role" {
-  name = "NHSDDeveloperRole"
-  assume_role_policy = jsonencode({
-    Version : "2012-10-17",
-    Statement : [
-      {
-        Action : "sts:AssumeRole",
-        Principal : {
-          AWS : "arn:aws:iam::${data.aws_secretsmanager_secret_version.identities_account_id.secret_string}:root"
-        },
-        Effect : "Allow"
-      }
-    ]
-  })
-}
-
 module "developer_policy" {
   source    = "../modules/role-policy"
   name      = "${local.prefix}--developer-policy"

…frastructure/mgmt/iam__developer-role.tf …/account-wide-infrastructure/mgmt/iam.tfterraform/account-wide-infrastructure/mgmt/iam__developer-role.tf renamed to terraform/account-wide-infrastructure/mgmt/iam.tf terraform/account-wide-infrastructure/mgmt/iam__developer-role.tf renamed to terraform/account-wide-infrastructure/mgmt/iam.tf

@@ -2,10 +2,6 @@ data "aws_region" "current" {}
 
 data "aws_caller_identity" "current" {}
 
-data "aws_secretsmanager_secret_version" "identities_account_id" {
-  secret_id = aws_secretsmanager_secret.identities_account_id.name
-}
-
 data "aws_secretsmanager_secret" "emails" {
   name = "${local.prefix}-emails"
 }

terraform/account-wide-infrastructure/mgmt/secrets.tf

@@ -1,7 +1,3 @@
-resource "aws_secretsmanager_secret" "identities_account_id" {
-  name = "${local.prefix}--nhs-identities-account-id"
-}
-
 resource "aws_secretsmanager_secret" "prod_smoke_test_apigee_app" {
   name        = "${local.prefix}--prod--apigee-app--smoke-test"
   description = "APIGEE App used to run Smoke Tests against the PROD environment"

terraform/account-wide-infrastructure/prod/data.tf

@@ -2,10 +2,6 @@ data "aws_region" "current" {}
 
 data "aws_caller_identity" "current" {}
 
-data "aws_secretsmanager_secret_version" "identities_account_id" {
-  secret_id = aws_secretsmanager_secret.identities_account_id.name
-}
-
 data "aws_secretsmanager_secret" "emails" {
   name = "${local.prefix}-emails"
 }