diff --git a/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/authentication-service-deployment.yaml b/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/authentication-service-deployment.yaml
index e7fb1907..a450cce3 100644
--- a/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/authentication-service-deployment.yaml
+++ b/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/authentication-service-deployment.yaml
@@ -159,6 +159,11 @@ spec:
 secretKeyRef:
 name: api-token
 key: JWT_ISSUER
+ - name: AUTH0_CLIENT_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: api-token
+ key: AUTH0_CLIENT_SECRET
 {{- if .Values.imagePullSecret.enabled }}
 imagePullSecrets:
 - name: {{ .Values.imagePullSecret.name }}
diff --git a/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/cm-authentication-service.yaml b/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/cm-authentication-service.yaml
index 09ea6215..a1cfd761 100644
--- a/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/cm-authentication-service.yaml
+++ b/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/cm-authentication-service.yaml
@@ -13,4 +13,7 @@ data:
 LOG_LEVEL: '{{ .Values.authenticationService.log_level }}'
 BASE_PATH: '{{ .Values.authenticationService.base_path }}'
 DB_SSL: '{{ .Values.authenticationService.db_ssl }}'
+ AUTH0_DOMAIN: "dev-db7dz4wg6ccbguer.us.auth0.com"
+ AUTH0_CLIENT_ID: "pluqd6RqaLilAn7p1kUFkNo20bxuwUK5"
+ AUTH0_CALLBACK_URL: "https://{{ .Values.hostname }}/authentication-service/auth/auth0-auth-redirect"
 {{- end}}
\ No newline at end of file
diff --git a/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/secret-provider-class-and-sa.yaml b/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/secret-provider-class-and-sa.yaml
index 47be4ea9..1838961c 100644
--- a/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/secret-provider-class-and-sa.yaml
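Review bot: The added `AUTH0_DOMAIN` and `AUTH0_CLIENT_ID` entries in cm-authentication-service.yaml are literal values for what looks like a development Auth0 tenant, while every neighbouring key in this ConfigMap is rendered from `.Values.authenticationService.*`. Hard-coded like this, every tenant installed from the chart authenticates against the same Auth0 application, and moving to another application or environment needs a chart edit instead of a values change. I would template them like their siblings, for example `AUTH0_DOMAIN: '{{ .Values.authenticationService.auth0_domain }}'` and `AUTH0_CLIENT_ID: '{{ .Values.authenticationService.auth0_client_id }}'` (the key names are only a suggestion), which also keeps the file's single-quote style. `AUTH0_CALLBACK_URL` is built from `.Values.hostname`, so each tenant hostname has to be on the Auth0 application's allowed callback list; a short comment above that line saying so would help whoever onboards the next tenant.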
+++ b/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/secret-provider-class-and-sa.yaml
@@ -59,6 +59,8 @@ spec:
 key: PUBNUB_SUB_KEY
 - objectName: pubnub-secret-key
 key: PUBNUB_SECRET_KEY
+ - objectName: auth0-client-secret
+ key: AUTH0_CLIENT_SECRET
 parameters:
 # region: us-west-2
 objects: |
@@ -115,4 +117,7 @@ spec:
 objectAlias: pubnub-sub-key
 - objectName: {{ .Values.pubnubSecretKey }}
 objectType: ssmparameter
- objectAlias: pubnub-secret-key
\ No newline at end of file
+ objectAlias: pubnub-secret-key
+ - objectName: {{ .Values.auth0ClientSecret }}
+ objectType: ssmparameter
+ objectAlias: auth0-client-secret
\ No newline at end of file
diff --git a/files/tenant-samples/silo/tenant-helm-chart/auth0/values.yaml.template b/files/tenant-samples/silo/tenant-helm-chart/auth0/values.yaml.template
index 9d9c458e..d5a9882e 100644
--- a/files/tenant-samples/silo/tenant-helm-chart/auth0/values.yaml.template
+++ b/files/tenant-samples/silo/tenant-helm-chart/auth0/values.yaml.template
@@ -368,4 +368,5 @@ instance_category: ${INSTANCE_CATEGORY}
 vonageSecret: /pubnub/vonage-api-key-secret
 pubnubPubKey: /pubnub/public-key
 pubnubSubKey: /pubnub/subscribe-key
-pubnubSecretKey: /pubnub/secret-key
\ No newline at end of file
+pubnubSecretKey: /pubnub/secret-key
+auth0ClientSecret: /sf-arc-saas/dev/auth0-client-secret
\ No newline at end of file
diff --git a/files/tenant-samples/silo/terraform/data.tf b/files/tenant-samples/silo/terraform/data.tf
index 0e9c6cef..28698eec 100644
--- a/files/tenant-samples/silo/terraform/data.tf
+++ b/files/tenant-samples/silo/terraform/data.tf
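Review bot: `auth0ClientSecret: /sf-arc-saas/dev/auth0-client-secret` in values.yaml.template pins the namespace and environment, but the IAM statement this commit adds in terraform/data.tf grants `parameter/${var.namespace}/${var.environment}/auth0-client-secret`. In any deployment where those variables are not `sf-arc-saas` and `dev`, the path would fall outside the policy, so the parameter read would presumably be denied and `AUTH0_CLIENT_SECRET` would not reach the `api-token` secret the deployment hunk reads. This template already substitutes placeholders such as `${INSTANCE_CATEGORY}`, so the path could be built the same way, for example `auth0ClientSecret: /${NAMESPACE}/${ENVIRONMENT}/auth0-client-secret` (placeholder names are illustrative; use the ones the renderer defines). The parameter is also not tenant-scoped, so every silo tenant would receive the same client secret; if that is intended, a comment on this line should say so.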
@@ -94,6 +94,7 @@ data "aws_iam_policy_document" "ssm_policy" {
 ]
 resources = ["arn:aws:ssm:${var.region}:${local.sts_caller_arn}:parameter/${var.namespace}/${var.environment}/${var.tenant_tier}/${var.tenant}/*",
 "arn:aws:ssm:${var.region}:${local.sts_caller_arn}:parameter/pubnub/*",
+ "arn:aws:ssm:${var.region}:${local.sts_caller_arn}:parameter/${var.namespace}/${var.environment}/auth0-client-secret"
 "arn:aws:cognito-idp:${var.region}:${local.sts_caller_arn}:*"]
 }
 }
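Review bot: The added ARN line in `resources` has no trailing comma, so the list holds two adjacent string elements and Terraform should reject the file with a missing item separator error. It should read `"arn:aws:ssm:${var.region}:${local.sts_caller_arn}:parameter/${var.namespace}/${var.environment}/auth0-client-secret",`. The grant names one exact parameter and not a wildcard, which is the right scope. It sits in what appears to be the per-tenant `ssm_policy`, though, so every tenant's role could read the same Auth0 client secret; a comment above the line stating that this sharing is deliberate would make the isolation trade-off visible to reviewers. The `ssm_policy` data block starts above the hunk.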