Reformat files

run.sh

@@ -5,6 +5,7 @@ usage() {
 usage: ${0##*/} [command]
     -h          Print this help message.
     -v          Validate terraform config.
+    -p          Show changes required by the current terraform config.
     -a          Create or update infraestructure.
     -d          Destroy infraestructure.
 EOF
@@ -12,10 +13,11 @@ EOF
 }
 
 RUN=
-while getopts "hvad" OPTION; do
+while getopts "hvpad" OPTION; do
     case $OPTION in
     a) RUN=apply ;;
     v) RUN=validate ;;
+    p) RUN=plan ;;
     d) RUN=destroy ;;
     *) usage ;;
     esac
@@ -23,7 +25,7 @@ done
 
 dir="$PWD"
 
-cd "$dir/terraform/organization/bsmsapp" || exit
+cd "$dir/terraform/organization" || exit
 
 terraform init
 if [ "$RUN" = 'apply' ]; then

terraform/modules/apigw/variables.tf

@@ -26,7 +26,7 @@ variable "lambda_function_arn" {
 }
 
 variable "lambda_source_arn" {
-  type        = string
+  type = string
 }
 
 variable "lambda_function_name" {

terraform/modules/apigw/versions.tf

@@ -2,9 +2,9 @@ terraform {
   required_version = ">= 1.0.6"
 
   required_providers {
-      aws = {
+    aws = {
-          source  = "hashicorp/aws"
+      source  = "hashicorp/aws"
-          version = ">= 4.10.0"
+      version = ">= 4.10.0"
-      }
+    }
   }
-}
+}

terraform/modules/cloudfront/main.tf

@@ -1,5 +1,5 @@
 # ---------------------------------------------------------------------------
-# Amazon Cloudfront
+# Amazon CloudFront
 # ---------------------------------------------------------------------------
 
 resource "aws_cloudfront_distribution" "this" {
@@ -12,18 +12,18 @@ resource "aws_cloudfront_distribution" "this" {
     for_each = var.origin
 
     content {
-      domain_name              = origin.value.domain_name
+      domain_name = origin.value.domain_name
-      origin_id                = lookup(origin.value, "origin_id", origin.key)
+      origin_id   = lookup(origin.value, "origin_id", origin.key)
-      origin_path              = lookup(origin.value, "origin_path", "")
+      origin_path = lookup(origin.value, "origin_path", "")
 
       dynamic "custom_origin_config" {
         for_each = length(lookup(origin.value, "custom_origin_config", "")) == 0 ? [] : [lookup(origin.value, "custom_origin_config", "")]
 
         content {
-          http_port                = custom_origin_config.value.http_port
+          http_port              = custom_origin_config.value.http_port
-          https_port               = custom_origin_config.value.https_port
+          https_port             = custom_origin_config.value.https_port
-          origin_protocol_policy   = custom_origin_config.value.origin_protocol_policy
+          origin_protocol_policy = custom_origin_config.value.origin_protocol_policy
-          origin_ssl_protocols     = custom_origin_config.value.origin_ssl_protocols
+          origin_ssl_protocols   = custom_origin_config.value.origin_ssl_protocols
         }
       }
     }
@@ -37,8 +37,8 @@ resource "aws_cloudfront_distribution" "this" {
       target_origin_id       = i.value["target_origin_id"]
       viewer_protocol_policy = i.value["viewer_protocol_policy"]
 
-      allowed_methods           = lookup(i.value, "allowed_methods", ["GET", "HEAD", "OPTIONS"])
+      allowed_methods = lookup(i.value, "allowed_methods", ["GET", "HEAD", "OPTIONS"])
-      cached_methods            = lookup(i.value, "cached_methods", ["GET", "HEAD"])
+      cached_methods  = lookup(i.value, "cached_methods", ["GET", "HEAD"])
 
       min_ttl     = lookup(i.value, "min_ttl", null)
       default_ttl = lookup(i.value, "default_ttl", null)
@@ -63,4 +63,4 @@ resource "aws_cloudfront_distribution" "this" {
   viewer_certificate {
     cloudfront_default_certificate = true
   }
-}
+}

terraform/modules/cloudfront/outputs.tf

@@ -0,0 +1,3 @@
+# --------------------------------------------------------------------
+# CloudFront outputs
+# --------------------------------------------------------------------

terraform/modules/cloudfront/variables.tf

@@ -1,5 +1,5 @@
 # ---------------------------------------------------------------------------
-# Amazon Cloudfront variables
+# Amazon CloudFront variables
 # ---------------------------------------------------------------------------
 
 variable "web_acl_id" {
@@ -36,4 +36,4 @@ variable "enabled" {
   description = "Whether the distribution is enabled to accept end user requests for content."
   type        = bool
   default     = true
-}
+}

terraform/modules/cloudfront/versions.tf

@@ -7,4 +7,4 @@ terraform {
       version = ">= 4.10.0"
     }
   }
-}
+}

terraform/modules/dynamodb/main.tf

@@ -3,15 +3,10 @@
 # ---------------------------------------------------------------------------
 
 resource "aws_dynamodb_table" "this" {
-  name            = var.name
+  name           = var.name
-  read_capacity   = var.read_capacity
+  read_capacity  = var.read_capacity
-  write_capacity  = var.write_capacity
+  write_capacity = var.write_capacity
-  billing_mode    = var.billing_mode
+  billing_mode   = var.billing_mode
-
-  # attribute {
-  #   name = var.hash_key
-  #   type = "S"
-  # }
 
   dynamic "attribute" {
     for_each = var.attributes
@@ -22,6 +17,6 @@ resource "aws_dynamodb_table" "this" {
     }
   }
 
-  hash_key  = var.hash_key
+  hash_key = var.hash_key
-  tags      = var.tags
+  tags     = var.tags
 }

terraform/modules/dynamodb/variables.tf

@@ -48,4 +48,4 @@ variable "tags" {
   description = "A map of tags to add to all resources"
   type        = map(string)
   default     = {}
-}
+}

terraform/modules/dynamodb/versions.tf

@@ -2,9 +2,9 @@ terraform {
   required_version = ">= 1.0.6"
 
   required_providers {
-      aws = {
+    aws = {
-          source  = "hashicorp/aws"
+      source  = "hashicorp/aws"
-          version = ">= 4.10.0"
+      version = ">= 4.10.0"
-      }
+    }
   }
-}
+}

terraform/modules/lambda/outputs.tf

@@ -10,4 +10,4 @@ output "lambda_function_arn" {
 output "lambda_function_name" {
   description = "The name of the Lambda Function"
   value       = aws_lambda_function.this.function_name
-}
+}

terraform/modules/lambda/variables.tf

@@ -55,4 +55,4 @@ variable "vpc_security_group_ids" {
   description = "List of security group ids when Lambda Function should run in the VPC."
   type        = list(string)
   default     = null
-}
+}

terraform/modules/lambda/versions.tf

@@ -7,4 +7,4 @@ terraform {
       version = ">= 4.10.0"
     }
   }
-}
+}

terraform/modules/s3/main.tf

@@ -2,13 +2,11 @@
 # Amazon S3
 # ------------------------------------------------------------------------------
 
-# 1 - S3 bucket
 resource "aws_s3_bucket" "this" {
   bucket              = var.bucket_name
   object_lock_enabled = false
 }
 
-# 2 -Bucket policy
 resource "aws_s3_bucket_policy" "this" {
   count = var.objects != {} ? 1 : 0
 
@@ -16,7 +14,6 @@ resource "aws_s3_bucket_policy" "this" {
   policy = data.aws_iam_policy_document.this.json
 }
 
-# 3 -Website configuration
 resource "aws_s3_bucket_website_configuration" "this" {
   bucket = aws_s3_bucket.this.id
 
@@ -29,19 +26,17 @@ resource "aws_s3_bucket_website_configuration" "this" {
   }
 }
 
-# 4 - Access Control List
 resource "aws_s3_bucket_acl" "this" {
   bucket = aws_s3_bucket.this.id
   acl    = var.bucket_acl
 }
 
-# 5 - Upload objects
 resource "aws_s3_object" "this" {
-  for_each = try(var.objects, {}) #{ for object, key in var.objects: object => key if try(var.objects, {}) != {} }
+  for_each = try(var.objects, {})
 
   bucket        = aws_s3_bucket.this.id
-  key           = try(each.value.rendered, replace(each.value.filename, "html/", ""))         # remote path
+  key           = try(each.value.rendered, replace(each.value.filename, "html/", ""))
-  source        = try(each.value.rendered, format("./../resources/%s", each.value.filename)) # where is the file located
+  source        = try(each.value.rendered, format("./../resources/%s", each.value.filename))
   content_type  = each.value.content_type
   storage_class = try(each.value.tier, "STANDARD")
 }

terraform/modules/s3/outputs.tf

@@ -1,5 +1,5 @@
 # --------------------------------------------------------------------
-# Amazon S3 buckets output
+# Amazon S3 output
 # --------------------------------------------------------------------
 
 output "id" {
@@ -14,5 +14,5 @@ output "arn" {
 
 output "website_endpoint" {
   description = "The website endpoint, if the bucket is configured with a website. If not, this will be an empty string."
-  value       = aws_s3_bucket.this.website_endpoint
+  value       = aws_s3_bucket_website_configuration.this.website_endpoint
 }

terraform/modules/sqs/main.tf

@@ -2,18 +2,16 @@
 # Amazon Simple Queue Service
 # ------------------------------------------------------------------------------
 
-resource "aws_sqs_queue" "terraform_queue" {
+# resource "aws_sqs_queue" "terraform_queue" {
-  name                      = "terraform-example-queue"
+#   name                      = var.name
-  delay_seconds             = 90
+#   delay_seconds             = 90
-  max_message_size          = 2048
+#   max_message_size          = 2048
-  message_retention_seconds = 86400
+#   message_retention_seconds = 86400
-  receive_wait_time_seconds = 10
+#   receive_wait_time_seconds = 10
-  redrive_policy = jsonencode({
+#   redrive_policy = jsonencode({
-    deadLetterTargetArn = aws_sqs_queue.terraform_queue_deadletter.arn
+#     deadLetterTargetArn = aws_sqs_queue.terraform_queue_deadletter.arn
-    maxReceiveCount     = 4
+#     maxReceiveCount     = 4
-  })
+#   })
 
-  tags = {
+#   tags = var.tags
-    Environment = "production"
+# }
-  }
-}

terraform/organization/apigw.tf

@@ -9,13 +9,13 @@ module "apigw" {
     module.lambda
   ]
 
-  name                  = "AWSAPIGateway-g3"
+  name                 = "AWSAPIGateway-g3"
-  description           = "..."
+  description          = "..."
-  lambda_function_arn   = module.lambda["lambda"].lambda_function_arn
+  lambda_function_arn  = module.lambda["lambda"].lambda_function_arn
-  lambda_function_name  = module.lambda["lambda"].lambda_function_name
+  lambda_function_name = module.lambda["lambda"].lambda_function_name
-  lambda_source_arn     = "arn:aws:execute-api:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}"
+  lambda_source_arn    = "arn:aws:execute-api:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}"
-  
+
-  tags = { 
+  tags = {
     name = "Api Gateway"
   }
-}
+}

terraform/organization/cloudfront.tf

@@ -11,7 +11,7 @@ module "cloudfront" {
   origin = {
     api-gateway = {
       domain_name = replace(replace(module.apigw.api_endpoint, "https://", ""), "/", "")
-      
+
       custom_origin_config = {
         http_port              = 80
         https_port             = 443
@@ -32,8 +32,8 @@ module "cloudfront" {
   }
 
   default_cache_behavior = {
-    target_origin_id        = "s3"
+    target_origin_id       = "s3"
-    viewer_protocol_policy  = "allow-all"
+    viewer_protocol_policy = "allow-all"
 
     allowed_methods = ["GET", "HEAD", "OPTIONS"]
     cached_methods  = ["GET", "HEAD"]

terraform/organization/datasources.tf

@@ -15,4 +15,4 @@ data "template_file" "userdata" {
   vars = {
     ENDPOINT = "${module.apigw.api_endpoint}"
   }
-}
+}

terraform/organization/dynamodb.tf

@@ -5,11 +5,11 @@ module "dynamodb" {
     aws = aws.aws
   }
 
-  name            = "AWSDynamoDB-g3"
+  name           = "AWSDynamoDB-g3"
-  billing_mode    = "PROVISIONED"
+  billing_mode   = "PROVISIONED"
-  read_capacity   = 20
+  read_capacity  = 20
-  write_capacity  = 20
+  write_capacity = 20
-  hash_key        = "id"
+  hash_key       = "id"
 
   attributes = [
     {
@@ -17,8 +17,8 @@ module "dynamodb" {
       type = "N"
     }
   ]
-  
+
-  tags = { 
+  tags = {
     name = "DynamoDB-stock"
   }
-}
+}

terraform/organization/locals.tf

@@ -30,11 +30,11 @@ locals {
 
   lambdas = {
     lambda = {
-      package      = "${local.path}/lambda/lambda.zip"
+      package       = "${local.path}/lambda/lambda.zip"
       function_name = "AWSLambdaHandler-${replace(local.bucket_name, "-", "")}"
       role          = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
       handler       = "lambda_handler.main"
       runtime       = "python3.9"
     }
   }
-}
+}

terraform/organization/provider.tf

@@ -7,8 +7,8 @@ provider "aws" {
 
   default_tags {
     tags = {
-      author     = "g3"
+      author  = "g3"
-      version    = 1
+      version = 1
     }
   }
-}
+}

terraform/organization/sqs.tf

@@ -0,0 +1 @@
+

terraform/organization/versions.tf

@@ -7,4 +7,4 @@ terraform {
       version = ">= 4.10.0"
     }
   }
-}
+}

terraform/organization/vpc.tf

@@ -1,57 +1,31 @@
-# module "vpc" {
-#   source = "terraform-aws-modules/vpc/aws"
-
-#   name = "my-vpc"
-#   cidr = "10.0.0.0/16"
-
-#   azs             = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
-#   private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
-#   public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
-
-#   enable_nat_gateway = true
-#   enable_vpn_gateway = true
-
-#   tags = {
-#     Terraform = "true"
-#     Environment = "dev"
-#   }
-# }
-
-locals {
-  name   = "ex-${replace(basename(path.cwd), "_", "-")}"
-  region = "us-east-1"
-
-  tags = {
-    Example    = local.name
-    GithubRepo = "terraform-aws-vpc"
-    GithubOrg  = "terraform-aws-modules"
-  }
-}
-
 ################################################################################
-# VPC Module
+# VPC Module (from terraform-aws-modules)
 ################################################################################
 
 module "vpc" {
   source = "terraform-aws-modules/vpc/aws"
 
-  name = local.name
+  providers = {
+    aws = aws.aws
+  }
+
+  name = "vpc-g3-bsmsapp"
   cidr = "10.0.0.0/16"
 
-  azs                 = ["${local.region}a", "${local.region}b"]
+  azs             = ["${data.aws_region.current.name}a", "${data.aws_region.current.name}b"]
-  private_subnets     = ["10.0.1.0/24", "10.0.2.0/24"]
+  private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
-  public_subnets      = ["10.0.3.0/24", "10.0.4.0/24"]
+  public_subnets  = ["10.0.3.0/24", "10.0.4.0/24"]
 
   create_database_subnet_group = false
 
   manage_default_network_acl = true
-  default_network_acl_tags   = { Name = "${local.name}-default" }
+  default_network_acl_tags   = { Name = "vpc-g3-bsmsapp-default" }
 
   manage_default_route_table = true
-  default_route_table_tags   = { Name = "${local.name}-default" }
+  default_route_table_tags   = { Name = "vpc-g3-bsmsapp-default" }
 
   manage_default_security_group = true
-  default_security_group_tags   = { Name = "${local.name}-default" }
+  default_security_group_tags   = { Name = "vpc-g3-bsmsapp-default" }
 
   enable_dns_hostnames = true
   enable_dns_support   = true
@@ -59,7 +33,9 @@ module "vpc" {
   enable_nat_gateway = true
   single_nat_gateway = true
 
-  tags = local.tags
+  tags = {
+    Name = "vpc-g3-bsmsapp"
+  }
 }
 
 module "vpc_endpoints" {
@@ -83,10 +59,11 @@ module "vpc_endpoints" {
     },
   }
 
-  tags = merge(local.tags, {
+  tags = {
+    Name = "vpc-g3-bsmsapp"
     Project  = "Secret"
     Endpoint = "true"
-  })
+  }
 }
 
 # module "vpc_endpoints_nocreate" {
@@ -145,7 +122,7 @@ data "aws_iam_policy_document" "generic_endpoint_policy" {
 }
 
 resource "aws_security_group" "vpc_tls" {
-  name_prefix = "${local.name}-vpc_tls"
+  name_prefix = "vpc-g3-bsmsapp-vpc_tls"
   description = "Allow TLS inbound traffic"
   vpc_id      = module.vpc.vpc_id
 
@@ -157,5 +134,7 @@ resource "aws_security_group" "vpc_tls" {
     cidr_blocks = [module.vpc.vpc_cidr_block]
   }
 
-  tags = local.tags
+  tags = {
-}
+    Name = "vpc-g3-bsmsapp"
+  }
+}