Merge pull request #6505 from ministryofjustice/add-xsiam-secrets

New Secret for XSIAM Endpoints & Keys

terraform/modernisation-platform-account/secrets.tf

@@ -173,3 +173,18 @@ data "aws_secretsmanager_secret_version" "circleci" {
   secret_id = aws_secretsmanager_secret.circleci.id
 }
 
+# Secrets for the XIAM data transfers. Note that the secrets contained in here are provided by Technology Services and so cannot be rotated unless initiated by them.
+# Secrets should be manually set in the console.
+
+resource "aws_secretsmanager_secret" "xsiam_secrets" {
+  # checkov:skip=CKV2_AWS_57:Auto rotation not possible
+    name        = "xsiam_secrets"
+    description = "Secret that holds the preprod & prod XSIAM endpoint values & keys for the firewall inspection & vpc flow log transfers"
+    kms_key_id  = aws_kms_key.secrets_key.id
+    tags        = local.tags
+    replica {
+      region = local.replica_region
+    }  
+}
+
+