Remove old credentials for the AWS IAM user

I've updated the relevant env vars in Render to use the new credentials, so these old credentials are redundant. In hindsight, I probably should've used the access key serial number (i.e. 1) in the `CfnAccessKey` construct name rather than the word "New", because now there's only one access key I think the naming is a bit confusing. However, I can't easily change it, because CloudFormation uses the name to identify the underlying resource and thus changing it would lead to the current access key being removed and a new one being created. So I'm going to leave it for now. This is the last step in addressing this request [1] in order that we remove all live credentials from the git repo. [1]: #107 (comment)
freerange · Jan 6, 2024 · 5335d1d · 5335d1d
1 parent bd559b5
commit 5335d1d
Showing 1 changed file with 0 additions and 13 deletions.
diff --git a/aws-cdk/lib/music-coop-stack.ts b/aws-cdk/lib/music-coop-stack.ts
@@ -22,11 +22,6 @@ export class MusicCoopStack extends cdk.Stack {
       userName: props.s3Username
     });
 
-    const s3UserAccessKey = new iam.CfnAccessKey(this, 's3UserCfnAccessKey', {
-      userName: s3User.userName,
-      status: iam.AccessKeyStatus.INACTIVE
-    });
-
     const s3UserNewAccessKey = new iam.CfnAccessKey(this, 's3UserNewCfnAccessKey', {
       userName: s3User.userName,
       serial: 1
@@ -66,14 +61,6 @@ export class MusicCoopStack extends cdk.Stack {
       certificate: props.cdnCertificate
     });
 
-    new cdk.CfnOutput(this, 's3UserAccessKey', {
-      value: s3UserAccessKey.ref,
-    });
-
-    new cdk.CfnOutput(this, 's3UserSecretAccessKey', {
-      value: s3UserAccessKey.attrSecretAccessKey,
-    });
-
     new cdk.CfnOutput(this, 's3UserNewAccessKey', {
       value: s3UserNewAccessKey.ref,
     });