169163334 - Enables KeyVault server in dev TF env

This keyvault server will be used for db, redis, ad, k8s, and app
secrets for this environment.

terraform/modules/keyvault/main.tf

@@ -5,14 +5,6 @@ resource "azurerm_resource_group" "keyvault" {
   location = var.region
 }
 
-resource "random_id" "server" {
-  keepers = {
-    ami_id = 1
-  }
-
-  byte_length = 8
-}
-
 resource "azurerm_key_vault" "keyvault" {
   name                = "${var.name}-${var.environment}-keyvault"
   location            = azurerm_resource_group.keyvault.location
@@ -21,24 +13,8 @@ resource "azurerm_key_vault" "keyvault" {
 
   sku_name = "premium"
 
-  access_policy {
-    tenant_id = data.azurerm_client_config.current.tenant_id
-    object_id = data.azurerm_client_config.current.service_principal_object_id
-
-    key_permissions = [
-      "create",
-      "get",
-    ]
-
-    secret_permissions = [
-      "set",
-      "get",
-      "delete",
-    ]
-  }
-
   tags = {
     environment = var.environment
     owner       = var.owner
   }
-}
+}

terraform/modules/keyvault/variables.tf

@@ -14,6 +14,11 @@ variable "environment" {
 }
 
 variable "owner" {
-  type = string
+  type        = string
   description = "Owner of this environment"
 }
+
+variable "tenant_id" {
+  type        = string
+  description = "The Tenant ID"
+}

terraform/providers/dev/keyvault.tf

@@ -1,7 +1,8 @@
-#module "keyvault" {
-#  source      = "../../modules/keyvault"
-#  name        = var.name
-#  region      = var.region
-#  owner       = var.owner
-#  environment = var.environment
-#}
+module "keyvault" {
+  source      = "../../modules/keyvault"
+  name        = var.name
+  region      = var.region
+  owner       = var.owner
+  environment = var.environment
+  tenant_id   = var.tenant_id
+}

terraform/providers/dev/variables.tf

@@ -54,3 +54,8 @@ variable "k8s_dns_prefix" {
   type    = string
   default = "atat"
 }
+
+variable "tenant_id" {
+  type    = string
+  default = "b5ab0e1e-09f8-4258-afb7-fb17654bc5b3"
+}