Merge branch 'main' into CES-131-scaling-cosmos-api

pagopa · Oct 2, 2024 · 1931968 · 1931968
2 parents 400e496 + ce7cccd
commit 1931968
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 7 deletions.
diff --git a/src/domains/citizen-auth-app/08_session_manager.tf b/src/domains/citizen-auth-app/08_session_manager.tf
@@ -151,9 +151,6 @@ locals {
     FF_FAST_LOGIN = "ALL"
     LV_TEST_USERS = module.tests.test_users.all
 
-    # MITIGATION APP BUG EMAIL VALIDATION
-    IS_SPID_EMAIL_PERSISTENCE_ENABLED = "false"
-
     # IOLOGIN redirect
     FF_IOLOGIN         = "BETA"
     IOLOGIN_TEST_USERS = data.azurerm_key_vault_secret.session_manager_IOLOGIN_TEST_USERS.value

diff --git a/src/domains/functions/function_public.tf b/src/domains/functions/function_public.tf
@@ -20,8 +20,6 @@ locals {
       FETCH_KEEPALIVE_TIMEOUT             = "60000"
 
       # UNIQUE EMAIL ENFORCEMENT
-      FF_UNIQUE_EMAIL_ENFORCEMENT             = "ALL"
-      UNIQUE_EMAIL_ENFORCEMENT_USERS          = jsonencode(split(",", data.azurerm_key_vault_secret.app_backend_UNIQUE_EMAIL_ENFORCEMENT_USER.value))
       PROFILE_EMAIL_STORAGE_CONNECTION_STRING = data.azurerm_storage_account.citizen_auth_common.primary_connection_string
       PROFILE_EMAIL_STORAGE_TABLE_NAME        = "profileEmails"
 

diff --git a/src/identity/prod/README.md b/src/identity/prod/README.md
@@ -19,9 +19,11 @@
 | Name | Type |
 |------|------|
 | [azurerm_role_assignment.cd_cgn](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
+| [azurerm_role_assignment.cd_cgn_postgresql](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
 | [azurerm_role_assignment.cd_trial_system](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
 | [azurerm_role_assignment.ci_cgn](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
 | [azurerm_role_assignment.ci_trial_system](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
+| [azurerm_postgresql_server.cgn_psql](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/postgresql_server) | data source |
 | [azurerm_subscription.cgn](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source |
 | [azurerm_subscription.trial_system](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source |
 

diff --git a/src/identity/prod/data.tf b/src/identity/prod/data.tf
@@ -4,4 +4,10 @@ data "azurerm_subscription" "trial_system" {
 
 data "azurerm_subscription" "cgn" {
   provider = azurerm.prod-cgn
+}
+
+data "azurerm_postgresql_server" "cgn_psql" {
+  provider            = azurerm.prod-cgn
+  name                = "cgnonboardingportal-p-db-postgresql"
+  resource_group_name = "cgnonboardingportal-p-db-rg"
 }
diff --git a/src/identity/prod/main.tf b/src/identity/prod/main.tf
@@ -110,6 +110,13 @@ resource "azurerm_role_assignment" "ci_cgn" {
 resource "azurerm_role_assignment" "cd_cgn" {
   provider             = azurerm.prod-cgn
   scope                = data.azurerm_subscription.cgn.id
-  principal_id         = module.federated_identities.federated_ci_identity.id
+  principal_id         = module.federated_identities.federated_cd_identity.id
   role_definition_name = "Reader"
-}
+}
+
+resource "azurerm_role_assignment" "cd_cgn_postgresql" {
+  provider             = azurerm.prod-cgn
+  scope                = data.azurerm_postgresql_server.cgn_psql.id
+  principal_id         = module.federated_identities.federated_cd_identity.id
+  role_definition_name = "Contributor"
+}