From 3c3e5f14c23532154d2316e47dfcc62e2c23d252 Mon Sep 17 00:00:00 2001
From: Rodrigue Koffi <bonclay7@users.noreply.github.com>
Date: Wed, 8 May 2024 17:43:04 +0200
Subject: [PATCH] Randomize SSM parameter name for GF token

---
 modules/eks-monitoring/add-ons/external-secrets/README.md | 2 ++
 modules/eks-monitoring/add-ons/external-secrets/main.tf   | 5 ++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/modules/eks-monitoring/add-ons/external-secrets/README.md b/modules/eks-monitoring/add-ons/external-secrets/README.md
index 62d7a5cd..d284124f 100644
--- a/modules/eks-monitoring/add-ons/external-secrets/README.md
+++ b/modules/eks-monitoring/add-ons/external-secrets/README.md
@@ -18,6 +18,7 @@ This deploys an EKS Cluster with the External Secrets Operator. The cluster is p
 |------|---------|
 | <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.72 |
 | <a name="provider_kubectl"></a> [kubectl](#provider\_kubectl) | >= 2.0.3 |
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
 
 ## Modules
 
@@ -35,6 +36,7 @@ This deploys an EKS Cluster with the External Secrets Operator. The cluster is p
 | [aws_ssm_parameter.secret](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
 | [kubectl_manifest.cluster_secretstore](https://registry.terraform.io/providers/alekc/kubectl/latest/docs/resources/manifest) | resource |
 | [kubectl_manifest.secret](https://registry.terraform.io/providers/alekc/kubectl/latest/docs/resources/manifest) | resource |
+| [random_uuid.grafana_key_suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/uuid) | resource |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 
 ## Inputs
diff --git a/modules/eks-monitoring/add-ons/external-secrets/main.tf b/modules/eks-monitoring/add-ons/external-secrets/main.tf
index dfd3669b..0f9fca43 100644
--- a/modules/eks-monitoring/add-ons/external-secrets/main.tf
+++ b/modules/eks-monitoring/add-ons/external-secrets/main.tf
@@ -76,8 +76,11 @@ YAML
   depends_on = [module.external_secrets]
 }
 
+resource "random_uuid" "grafana_key_suffix" {
+}
+
 resource "aws_ssm_parameter" "secret" {
-  name        = "/terraform-accelerator/grafana-api-key"
+  name        = "/terraform-accelerator/grafana-api-key/${random_uuid.grafana_key_suffix.result}"
   description = "SSM Secret to store grafana API Key"
   type        = "SecureString"
   value = jsonencode({