169163334 - Enables KeyVault server in dev TF env

This keyvault server will be used for db, redis, ad, k8s, and app
secrets for this environment.

terraform/modules/keyvault/main.tf

@@ -5,14 +5,6 @@ resource "azurerm_resource_group" "keyvault" {
   location = var.region
 }
 
-resource "random_id" "server" {
-  keepers = {
-    ami_id = 1
-  }
-
-  byte_length = 8
-}
-
 resource "azurerm_key_vault" "keyvault" {
   name                = "${var.name}-${var.environment}-keyvault"
   location            = azurerm_resource_group.keyvault.location
@@ -21,24 +13,8 @@ resource "azurerm_key_vault" "keyvault" {
 
   sku_name = "premium"
 
-  access_policy {
-    tenant_id = data.azurerm_client_config.current.tenant_id
-    object_id = data.azurerm_client_config.current.service_principal_object_id
-
-    key_permissions = [
-      "create",
-      "get",
-    ]
-
-    secret_permissions = [
-      "set",
-      "get",
-      "delete",
-    ]
-  }
-
   tags = {
     environment = var.environment
     owner       = var.owner
   }
-}
+}

terraform/modules/keyvault/variables.tf

@@ -14,6 +14,11 @@ variable "environment" {
 }
 
 variable "owner" {
-  type = string
+  type        = string
   description = "Owner of this environment"
 }
+
+variable "tenant_id" {
+  type        = string
+  description = "The Tenant ID"
+}