Reformat files

Santiago Lo Coco 2022-10-23 16:33:14 -03:00
parent 8008371c15
commit 42eb75fbaa
25 changed files with 109 additions and 136 deletions

6
run.sh

@ -5,6 +5,7 @@ usage() {
usage: ${0##*/} [command]
-h Print this help message.
-v Validate terraform config.
-p Show changes required by the current terraform config.
-a Create or update infraestructure.
-d Destroy infraestructure.
EOF
@ -12,10 +13,11 @@ EOF
}
RUN=
while getopts "hvad" OPTION; do
while getopts "hvpad" OPTION; do
case $OPTION in
a) RUN=apply ;;
v) RUN=validate ;;
p) RUN=plan ;;
d) RUN=destroy ;;
*) usage ;;
esac
@ -23,7 +25,7 @@ done
dir="$PWD"
cd "$dir/terraform/organization/bsmsapp" || exit
cd "$dir/terraform/organization" || exit
terraform init
if [ "$RUN" = 'apply' ]; then
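Review bot: `-p` sets `RUN=plan` in the `case`, but no branch that runs `terraform plan` is visible. The six changed lines reported for run.sh appear to be fully accounted for by the usage text, the `getopts` string, the new `p)` arm and the `cd` path. The `if [ "$RUN" = 'apply' ]` chain continues outside the hunk, so unless it already handled `plan`, the option stops after `terraform init` and prints no change set. I would add `elif [ "$RUN" = 'plan' ]; then terraform plan` to that chain, so the pending changes can be read before `-a` or `-d` is used.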


@ -26,7 +26,7 @@ variable "lambda_function_arn" {
}
variable "lambda_source_arn" {
type = string
type = string
}
variable "lambda_function_name" {


@ -2,9 +2,9 @@ terraform {
required_version = ">= 1.0.6"
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 4.10.0"
}
aws = {
source = "hashicorp/aws"
version = ">= 4.10.0"
}
}
}
}


@ -1,5 +1,5 @@
# ---------------------------------------------------------------------------
# Amazon Cloudfront
# Amazon CloudFront
# ---------------------------------------------------------------------------
resource "aws_cloudfront_distribution" "this" {
@ -12,18 +12,18 @@ resource "aws_cloudfront_distribution" "this" {
for_each = var.origin
content {
domain_name = origin.value.domain_name
origin_id = lookup(origin.value, "origin_id", origin.key)
origin_path = lookup(origin.value, "origin_path", "")
domain_name = origin.value.domain_name
origin_id = lookup(origin.value, "origin_id", origin.key)
origin_path = lookup(origin.value, "origin_path", "")
dynamic "custom_origin_config" {
for_each = length(lookup(origin.value, "custom_origin_config", "")) == 0 ? [] : [lookup(origin.value, "custom_origin_config", "")]
content {
http_port = custom_origin_config.value.http_port
https_port = custom_origin_config.value.https_port
origin_protocol_policy = custom_origin_config.value.origin_protocol_policy
origin_ssl_protocols = custom_origin_config.value.origin_ssl_protocols
http_port = custom_origin_config.value.http_port
https_port = custom_origin_config.value.https_port
origin_protocol_policy = custom_origin_config.value.origin_protocol_policy
origin_ssl_protocols = custom_origin_config.value.origin_ssl_protocols
}
}
}
@ -37,8 +37,8 @@ resource "aws_cloudfront_distribution" "this" {
target_origin_id = i.value["target_origin_id"]
viewer_protocol_policy = i.value["viewer_protocol_policy"]
allowed_methods = lookup(i.value, "allowed_methods", ["GET", "HEAD", "OPTIONS"])
cached_methods = lookup(i.value, "cached_methods", ["GET", "HEAD"])
allowed_methods = lookup(i.value, "allowed_methods", ["GET", "HEAD", "OPTIONS"])
cached_methods = lookup(i.value, "cached_methods", ["GET", "HEAD"])
min_ttl = lookup(i.value, "min_ttl", null)
default_ttl = lookup(i.value, "default_ttl", null)
@ -63,4 +63,4 @@ resource "aws_cloudfront_distribution" "this" {
viewer_certificate {
cloudfront_default_certificate = true
}
}
}


@ -0,0 +1,3 @@
# --------------------------------------------------------------------
# CloudFront outputs
# --------------------------------------------------------------------


@ -1,5 +1,5 @@
# ---------------------------------------------------------------------------
# Amazon Cloudfront variables
# Amazon CloudFront variables
# ---------------------------------------------------------------------------
variable "web_acl_id" {
@ -36,4 +36,4 @@ variable "enabled" {
description = "Whether the distribution is enabled to accept end user requests for content."
type = bool
default = true
}
}


@ -7,4 +7,4 @@ terraform {
version = ">= 4.10.0"
}
}
}
}


@ -3,15 +3,10 @@
# ---------------------------------------------------------------------------
resource "aws_dynamodb_table" "this" {
name = var.name
read_capacity = var.read_capacity
write_capacity = var.write_capacity
billing_mode = var.billing_mode
# attribute {
# name = var.hash_key
# type = "S"
# }
name = var.name
read_capacity = var.read_capacity
write_capacity = var.write_capacity
billing_mode = var.billing_mode
dynamic "attribute" {
for_each = var.attributes
@ -22,6 +17,6 @@ resource "aws_dynamodb_table" "this" {
}
}
hash_key = var.hash_key
tags = var.tags
hash_key = var.hash_key
tags = var.tags
}


@ -48,4 +48,4 @@ variable "tags" {
description = "A map of tags to add to all resources"
type = map(string)
default = {}
}
}


@ -2,9 +2,9 @@ terraform {
required_version = ">= 1.0.6"
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 4.10.0"
}
aws = {
source = "hashicorp/aws"
version = ">= 4.10.0"
}
}
}
}


@ -10,4 +10,4 @@ output "lambda_function_arn" {
output "lambda_function_name" {
description = "The name of the Lambda Function"
value = aws_lambda_function.this.function_name
}
}


@ -55,4 +55,4 @@ variable "vpc_security_group_ids" {
description = "List of security group ids when Lambda Function should run in the VPC."
type = list(string)
default = null
}
}


@ -7,4 +7,4 @@ terraform {
version = ">= 4.10.0"
}
}
}
}


@ -2,13 +2,11 @@
# Amazon S3
# ------------------------------------------------------------------------------
# 1 - S3 bucket
resource "aws_s3_bucket" "this" {
bucket = var.bucket_name
object_lock_enabled = false
}
# 2 -Bucket policy
resource "aws_s3_bucket_policy" "this" {
count = var.objects != {} ? 1 : 0
@ -16,7 +14,6 @@ resource "aws_s3_bucket_policy" "this" {
policy = data.aws_iam_policy_document.this.json
}
# 3 -Website configuration
resource "aws_s3_bucket_website_configuration" "this" {
bucket = aws_s3_bucket.this.id
@ -29,19 +26,17 @@ resource "aws_s3_bucket_website_configuration" "this" {
}
}
# 4 - Access Control List
resource "aws_s3_bucket_acl" "this" {
bucket = aws_s3_bucket.this.id
acl = var.bucket_acl
}
# 5 - Upload objects
resource "aws_s3_object" "this" {
for_each = try(var.objects, {}) #{ for object, key in var.objects: object => key if try(var.objects, {}) != {} }
for_each = try(var.objects, {})
bucket = aws_s3_bucket.this.id
key = try(each.value.rendered, replace(each.value.filename, "html/", "")) # remote path
source = try(each.value.rendered, format("./../resources/%s", each.value.filename)) # where is the file located
key = try(each.value.rendered, replace(each.value.filename, "html/", ""))
source = try(each.value.rendered, format("./../resources/%s", each.value.filename))
content_type = each.value.content_type
storage_class = try(each.value.tier, "STANDARD")
}
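Review bot: In `aws_s3_object.this`, `for_each = try(var.objects, {})` can never take its fallback, because a reference to a declared variable does not raise an evaluation error. A null `var.objects` would still reach `for_each` and fail there. If the intent is to tolerate an unset value, spell it out as `for_each = var.objects == null ? {} : var.objects`, or drop the `try` and give the variable `default = {}`. The variable's declaration is not part of this section, so whether null is actually possible needs confirming.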


@ -1,5 +1,5 @@
# --------------------------------------------------------------------
# Amazon S3 buckets output
# Amazon S3 output
# --------------------------------------------------------------------
output "id" {
@ -14,5 +14,5 @@ output "arn" {
output "website_endpoint" {
description = "The website endpoint, if the bucket is configured with a website. If not, this will be an empty string."
value = aws_s3_bucket.this.website_endpoint
value = aws_s3_bucket_website_configuration.this.website_endpoint
}
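Review bot: The `description` of `website_endpoint` still promises an empty string when the bucket has no website, which no longer matches a value read from `aws_s3_bucket_website_configuration.this`. In the resource lines shown elsewhere on this page that resource has no visible `count`, so the attribute would always be set. I would change it to `description = "The website endpoint of the bucket's website configuration."`. Consumers of this output should also note that an S3 website endpoint serves plain HTTP only, so whatever fronts it has to provide TLS.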


@ -2,18 +2,16 @@
# Amazon Simple Queue Service
# ------------------------------------------------------------------------------
resource "aws_sqs_queue" "terraform_queue" {
name = "terraform-example-queue"
delay_seconds = 90
max_message_size = 2048
message_retention_seconds = 86400
receive_wait_time_seconds = 10
redrive_policy = jsonencode({
deadLetterTargetArn = aws_sqs_queue.terraform_queue_deadletter.arn
maxReceiveCount = 4
})
# resource "aws_sqs_queue" "terraform_queue" {
# name = var.name
# delay_seconds = 90
# max_message_size = 2048
# message_retention_seconds = 86400
# receive_wait_time_seconds = 10
# redrive_policy = jsonencode({
# deadLetterTargetArn = aws_sqs_queue.terraform_queue_deadletter.arn
# maxReceiveCount = 4
# })
tags = {
Environment = "production"
}
}
# tags = var.tags
# }
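Review bot: Commenting out `aws_sqs_queue.terraform_queue` is a behaviour change inside a commit titled as a reformat. Once the resource is gone from the configuration, the next apply will plan to destroy the queue if it is in state. If the queue is being retired, delete the block and say so in the commit message; if it is being parameterised (`name = var.name`, `tags = var.tags`), land it as live code in its own commit. The commented block also still refers to `aws_sqs_queue.terraform_queue_deadletter`, which is not defined in the lines shown, so it would not validate when uncommented unless that resource exists elsewhere in the module.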


@ -9,13 +9,13 @@ module "apigw" {
module.lambda
]
name = "AWSAPIGateway-g3"
description = "..."
lambda_function_arn = module.lambda["lambda"].lambda_function_arn
lambda_function_name = module.lambda["lambda"].lambda_function_name
lambda_source_arn = "arn:aws:execute-api:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}"
tags = {
name = "AWSAPIGateway-g3"
description = "..."
lambda_function_arn = module.lambda["lambda"].lambda_function_arn
lambda_function_name = module.lambda["lambda"].lambda_function_name
lambda_source_arn = "arn:aws:execute-api:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}"
tags = {
name = "Api Gateway"
}
}
}


@ -11,7 +11,7 @@ module "cloudfront" {
origin = {
api-gateway = {
domain_name = replace(replace(module.apigw.api_endpoint, "https://", ""), "/", "")
custom_origin_config = {
http_port = 80
https_port = 443
@ -32,8 +32,8 @@ module "cloudfront" {
}
default_cache_behavior = {
target_origin_id = "s3"
viewer_protocol_policy = "allow-all"
target_origin_id = "s3"
viewer_protocol_policy = "allow-all"
allowed_methods = ["GET", "HEAD", "OPTIONS"]
cached_methods = ["GET", "HEAD"]


@ -15,4 +15,4 @@ data "template_file" "userdata" {
vars = {
ENDPOINT = "${module.apigw.api_endpoint}"
}
}
}


@ -5,11 +5,11 @@ module "dynamodb" {
aws = aws.aws
}
name = "AWSDynamoDB-g3"
billing_mode = "PROVISIONED"
read_capacity = 20
write_capacity = 20
hash_key = "id"
name = "AWSDynamoDB-g3"
billing_mode = "PROVISIONED"
read_capacity = 20
write_capacity = 20
hash_key = "id"
attributes = [
{
@ -17,8 +17,8 @@ module "dynamodb" {
type = "N"
}
]
tags = {
tags = {
name = "DynamoDB-stock"
}
}
}


@ -30,11 +30,11 @@ locals {
lambdas = {
lambda = {
package = "${local.path}/lambda/lambda.zip"
package = "${local.path}/lambda/lambda.zip"
function_name = "AWSLambdaHandler-${replace(local.bucket_name, "-", "")}"
role = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
handler = "lambda_handler.main"
runtime = "python3.9"
}
}
}
}


@ -7,8 +7,8 @@ provider "aws" {
default_tags {
tags = {
author = "g3"
version = 1
author = "g3"
version = 1
}
}
}
}


@ -0,0 +1 @@


@ -7,4 +7,4 @@ terraform {
version = ">= 4.10.0"
}
}
}
}


@ -1,57 +1,31 @@
# module "vpc" {
# source = "terraform-aws-modules/vpc/aws"
# name = "my-vpc"
# cidr = "10.0.0.0/16"
# azs = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
# private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
# public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
# enable_nat_gateway = true
# enable_vpn_gateway = true
# tags = {
# Terraform = "true"
# Environment = "dev"
# }
# }
locals {
name = "ex-${replace(basename(path.cwd), "_", "-")}"
region = "us-east-1"
tags = {
Example = local.name
GithubRepo = "terraform-aws-vpc"
GithubOrg = "terraform-aws-modules"
}
}
################################################################################
# VPC Module
# VPC Module (from terraform-aws-modules)
################################################################################
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
name = local.name
providers = {
aws = aws.aws
}
name = "vpc-g3-bsmsapp"
cidr = "10.0.0.0/16"
azs = ["${local.region}a", "${local.region}b"]
private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
public_subnets = ["10.0.3.0/24", "10.0.4.0/24"]
azs = ["${data.aws_region.current.name}a", "${data.aws_region.current.name}b"]
private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
public_subnets = ["10.0.3.0/24", "10.0.4.0/24"]
create_database_subnet_group = false
manage_default_network_acl = true
default_network_acl_tags = { Name = "${local.name}-default" }
default_network_acl_tags = { Name = "vpc-g3-bsmsapp-default" }
manage_default_route_table = true
default_route_table_tags = { Name = "${local.name}-default" }
default_route_table_tags = { Name = "vpc-g3-bsmsapp-default" }
manage_default_security_group = true
default_security_group_tags = { Name = "${local.name}-default" }
default_security_group_tags = { Name = "vpc-g3-bsmsapp-default" }
enable_dns_hostnames = true
enable_dns_support = true
@ -59,7 +33,9 @@ module "vpc" {
enable_nat_gateway = true
single_nat_gateway = true
tags = local.tags
tags = {
Name = "vpc-g3-bsmsapp"
}
}
module "vpc_endpoints" {
@ -83,10 +59,11 @@ module "vpc_endpoints" {
},
}
tags = merge(local.tags, {
tags = {
Name = "vpc-g3-bsmsapp"
Project = "Secret"
Endpoint = "true"
})
}
}
# module "vpc_endpoints_nocreate" {
@ -145,7 +122,7 @@ data "aws_iam_policy_document" "generic_endpoint_policy" {
}
resource "aws_security_group" "vpc_tls" {
name_prefix = "${local.name}-vpc_tls"
name_prefix = "vpc-g3-bsmsapp-vpc_tls"
description = "Allow TLS inbound traffic"
vpc_id = module.vpc.vpc_id
@ -157,5 +134,7 @@ resource "aws_security_group" "vpc_tls" {
cidr_blocks = [module.vpc.vpc_cidr_block]
}
tags = local.tags
}
tags = {
Name = "vpc-g3-bsmsapp"
}
}
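Review bot: `module "vpc"` takes `source = "terraform-aws-modules/vpc/aws"` with no `version` argument in the lines shown, so a `terraform init` on a clean checkout resolves whichever release the registry serves at that moment. The network layout, default security group handling and endpoint wiring then depend on third-party code that was never reviewed at a fixed revision. Since this commit rewrites the head of the block anyway, add a pin directly under `source`, e.g. `version = "<reviewed module version>"`, and raise it deliberately. The same applies to `module "vpc_endpoints"` if its source is also a registry address; its header lies outside the hunks shown here.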